Cuckoo Sandbox

File 5731a11a22d2eb20_unicorn-53556.exe

Summary
Download Resubmit sample Download yara

Size	468.0KB
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`299422d9760bd7e184886b5b43a9af9a`
SHA1	`6447ba0897c25f3139c23500535310110c1f87d6`
SHA256	`5731a11a22d2eb208663584d4ee2f8ead76c9efd5fe09740dfc61a002fa697db`
SHA512	`3145e6b6388b8650569e53d450d67727761118a6674e02b3bcc2a3e3fcade7ee5f83ad9d944b67d73bd0ab26997306147034568df01ffef4cbcf591fe4d1f63d`
CRC32	`552153C2`
ssdeep	`None`
Yara	SEH__vba - (no description)

Score

This file is very suspicious, with a score of 10 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:6098504

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis

Category	Started	Completed	Duration	Routing	Logs
FILE	March 17, 2025, 11:24 a.m.	March 17, 2025, 11:32 a.m.	467 seconds	internet	Show Analyzer Log Show Cuckoo Log

Analyzer Log

2025-03-14 16:22:22,030 [analyzer] DEBUG: Starting analyzer from: C:\tmpht3fil
2025-03-14 16:22:22,092 [analyzer] DEBUG: Pipe server name: \??\PIPE\XSDzSBCcDHmSGAKMIqpSbWxKRr
2025-03-14 16:22:22,092 [analyzer] DEBUG: Log pipe server name: \??\PIPE\uWMaiZrjXOBOZsdZsD
2025-03-14 16:22:22,092 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-03-14 16:22:22,155 [analyzer] INFO: Automatically selected analysis package "exe"
2025-03-14 16:22:22,546 [analyzer] DEBUG: Started auxiliary module Curtain
2025-03-14 16:22:22,546 [analyzer] DEBUG: Started auxiliary module DbgView
2025-03-14 16:22:23,328 [analyzer] DEBUG: Started auxiliary module Disguise
2025-03-14 16:22:23,562 [analyzer] DEBUG: Loaded monitor into process with pid 504
2025-03-14 16:22:23,562 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-03-14 16:22:23,562 [analyzer] DEBUG: Started auxiliary module Human
2025-03-14 16:22:23,562 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-03-14 16:22:23,562 [analyzer] DEBUG: Started auxiliary module Reboot
2025-03-14 16:22:23,640 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-03-14 16:22:23,655 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-03-14 16:22:23,655 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-03-14 16:22:23,655 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-03-14 16:22:23,875 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\5731a11a22d2eb20_unicorn-53556.exe' with arguments '' and pid 1944
2025-03-14 16:22:24,155 [analyzer] DEBUG: Loaded monitor into process with pid 1944
2025-03-14 16:22:27,233 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32413.exe
2025-03-14 16:22:27,342 [analyzer] INFO: Injected into process with pid 2972 and name u'Unicorn-32413.exe'
2025-03-14 16:22:27,515 [analyzer] DEBUG: Loaded monitor into process with pid 2972
2025-03-14 16:22:30,578 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-9636.exe
2025-03-14 16:22:30,655 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59584.exe
2025-03-14 16:22:30,780 [analyzer] INFO: Injected into process with pid 3032 and name u'Unicorn-9636.exe'
2025-03-14 16:22:30,796 [analyzer] INFO: Injected into process with pid 1720 and name u'Unicorn-59584.exe'
2025-03-14 16:22:30,967 [analyzer] DEBUG: Loaded monitor into process with pid 3032
2025-03-14 16:22:30,967 [analyzer] DEBUG: Loaded monitor into process with pid 1720
2025-03-14 16:22:34,092 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54089.exe
2025-03-14 16:22:34,187 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29585.exe
2025-03-14 16:22:34,312 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56319.exe
2025-03-14 16:22:34,328 [analyzer] INFO: Injected into process with pid 2448 and name u'Unicorn-54089.exe'
2025-03-14 16:22:34,342 [analyzer] INFO: Injected into process with pid 1364 and name u'Unicorn-29585.exe'
2025-03-14 16:22:34,342 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46668.exe
2025-03-14 16:22:34,453 [analyzer] INFO: Injected into process with pid 2584 and name u'Unicorn-56319.exe'
2025-03-14 16:22:34,453 [analyzer] INFO: Injected into process with pid 1084 and name u'Unicorn-46668.exe'
2025-03-14 16:22:34,562 [analyzer] DEBUG: Loaded monitor into process with pid 2448
2025-03-14 16:22:34,562 [analyzer] DEBUG: Loaded monitor into process with pid 1364
2025-03-14 16:22:34,733 [analyzer] DEBUG: Loaded monitor into process with pid 1084
2025-03-14 16:22:34,796 [analyzer] DEBUG: Loaded monitor into process with pid 2584
2025-03-14 16:22:37,640 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15168.exe
2025-03-14 16:22:37,796 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19999.exe
2025-03-14 16:22:37,812 [analyzer] INFO: Injected into process with pid 2616 and name u'Unicorn-15168.exe'
2025-03-14 16:22:37,858 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56201.exe
2025-03-14 16:22:38,015 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53077.exe
2025-03-14 16:22:38,046 [analyzer] INFO: Injected into process with pid 2436 and name u'Unicorn-19999.exe'
2025-03-14 16:22:38,062 [analyzer] DEBUG: Loaded monitor into process with pid 2616
2025-03-14 16:22:38,108 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49548.exe
2025-03-14 16:22:38,125 [analyzer] INFO: Injected into process with pid 324 and name u'Unicorn-56201.exe'
2025-03-14 16:22:38,155 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20405.exe
2025-03-14 16:22:38,155 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7887.exe
2025-03-14 16:22:38,187 [analyzer] INFO: Injected into process with pid 2996 and name u'Unicorn-53077.exe'
2025-03-14 16:22:38,280 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-34886.exe
2025-03-14 16:22:38,390 [analyzer] INFO: Injected into process with pid 3080 and name u'Unicorn-7887.exe'
2025-03-14 16:22:38,405 [analyzer] INFO: Injected into process with pid 2236 and name u'Unicorn-20405.exe'
2025-03-14 16:22:38,421 [analyzer] INFO: Injected into process with pid 3172 and name u'Unicorn-34886.exe'
2025-03-14 16:22:38,421 [analyzer] INFO: Injected into process with pid 2108 and name u'Unicorn-49548.exe'
2025-03-14 16:22:38,546 [analyzer] DEBUG: Loaded monitor into process with pid 3080
2025-03-14 16:22:38,562 [analyzer] DEBUG: Loaded monitor into process with pid 2996
2025-03-14 16:22:38,592 [analyzer] DEBUG: Loaded monitor into process with pid 324
2025-03-14 16:22:38,592 [analyzer] DEBUG: Loaded monitor into process with pid 2236
2025-03-14 16:22:38,812 [analyzer] DEBUG: Loaded monitor into process with pid 2108
2025-03-14 16:22:38,812 [analyzer] DEBUG: Loaded monitor into process with pid 2436
2025-03-14 16:22:38,890 [analyzer] DEBUG: Loaded monitor into process with pid 3172
2025-03-14 16:22:41,203 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11393.exe
2025-03-14 16:22:41,342 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12140.exe
2025-03-14 16:22:41,421 [analyzer] INFO: Injected into process with pid 3328 and name u'Unicorn-11393.exe'
2025-03-14 16:22:41,483 [analyzer] INFO: Injected into process with pid 3360 and name u'Unicorn-12140.exe'
2025-03-14 16:22:41,640 [analyzer] DEBUG: Loaded monitor into process with pid 3328
2025-03-14 16:22:41,703 [analyzer] DEBUG: Loaded monitor into process with pid 3360
2025-03-14 16:22:41,875 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35706.exe
2025-03-14 16:22:41,905 [analyzer] INFO: Added new file to list with pid 2996 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60402.exe
2025-03-14 16:22:42,125 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16800.exe
2025-03-14 16:22:42,140 [analyzer] INFO: Added new file to list with pid 2236 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36666.exe
2025-03-14 16:22:42,265 [analyzer] INFO: Injected into process with pid 3416 and name u'Unicorn-35706.exe'
2025-03-14 16:22:42,280 [analyzer] INFO: Injected into process with pid 3424 and name u'Unicorn-60402.exe'
2025-03-14 16:22:42,390 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36858.exe
2025-03-14 16:22:42,421 [analyzer] INFO: Injected into process with pid 3472 and name u'Unicorn-16800.exe'
2025-03-14 16:22:42,437 [analyzer] INFO: Injected into process with pid 3480 and name u'Unicorn-36666.exe'
2025-03-14 16:22:42,515 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28114.exe
2025-03-14 16:22:42,592 [analyzer] INFO: Injected into process with pid 3552 and name u'Unicorn-36858.exe'
2025-03-14 16:22:42,608 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16416.exe
2025-03-14 16:22:42,640 [analyzer] DEBUG: Loaded monitor into process with pid 3416
2025-03-14 16:22:42,671 [analyzer] DEBUG: Loaded monitor into process with pid 3472
2025-03-14 16:22:42,703 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2847.exe
2025-03-14 16:22:42,717 [analyzer] DEBUG: Loaded monitor into process with pid 3480
2025-03-14 16:22:42,717 [analyzer] DEBUG: Loaded monitor into process with pid 3424
2025-03-14 16:22:42,717 [analyzer] INFO: Injected into process with pid 3640 and name u'Unicorn-16416.exe'
2025-03-14 16:22:42,733 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49281.exe
2025-03-14 16:22:42,780 [analyzer] INFO: Injected into process with pid 3608 and name u'Unicorn-28114.exe'
2025-03-14 16:22:42,967 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53002.exe
2025-03-14 16:22:42,983 [analyzer] INFO: Injected into process with pid 3696 and name u'Unicorn-2847.exe'
2025-03-14 16:22:43,000 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19051.exe
2025-03-14 16:22:43,015 [analyzer] INFO: Injected into process with pid 3724 and name u'Unicorn-49281.exe'
2025-03-14 16:22:43,092 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7885.exe
2025-03-14 16:22:43,171 [analyzer] INFO: Injected into process with pid 3772 and name u'Unicorn-53002.exe'
2025-03-14 16:22:43,217 [analyzer] INFO: Injected into process with pid 3788 and name u'Unicorn-19051.exe'
2025-03-14 16:22:43,250 [analyzer] INFO: Injected into process with pid 3840 and name u'Unicorn-7885.exe'
2025-03-14 16:22:43,296 [analyzer] DEBUG: Loaded monitor into process with pid 3552
2025-03-14 16:22:43,342 [analyzer] DEBUG: Loaded monitor into process with pid 3640
2025-03-14 16:22:43,358 [analyzer] DEBUG: Loaded monitor into process with pid 3608
2025-03-14 16:22:43,467 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2907.exe
2025-03-14 16:22:43,608 [analyzer] DEBUG: Loaded monitor into process with pid 3696
2025-03-14 16:22:43,608 [analyzer] DEBUG: Loaded monitor into process with pid 3724
2025-03-14 16:22:43,608 [analyzer] DEBUG: Loaded monitor into process with pid 3840
2025-03-14 16:22:43,655 [analyzer] DEBUG: Loaded monitor into process with pid 3772
2025-03-14 16:22:43,671 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36785.exe
2025-03-14 16:22:43,655 [analyzer] DEBUG: Loaded monitor into process with pid 3788
2025-03-14 16:22:43,812 [analyzer] INFO: Injected into process with pid 3924 and name u'Unicorn-2907.exe'
2025-03-14 16:22:43,937 [analyzer] INFO: Injected into process with pid 3968 and name u'Unicorn-36785.exe'
2025-03-14 16:22:44,155 [analyzer] DEBUG: Loaded monitor into process with pid 3924
2025-03-14 16:22:44,342 [analyzer] DEBUG: Loaded monitor into process with pid 3968
2025-03-14 16:22:44,733 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5145.exe
2025-03-14 16:22:44,905 [analyzer] INFO: Injected into process with pid 4036 and name u'Unicorn-5145.exe'
2025-03-14 16:22:45,187 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55498.exe
2025-03-14 16:22:45,217 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64221.exe
2025-03-14 16:22:45,375 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53644.exe
2025-03-14 16:22:45,375 [analyzer] INFO: Injected into process with pid 4084 and name u'Unicorn-64221.exe'
2025-03-14 16:22:45,421 [analyzer] INFO: Injected into process with pid 4076 and name u'Unicorn-55498.exe'
2025-03-14 16:22:45,467 [analyzer] DEBUG: Loaded monitor into process with pid 4036
2025-03-14 16:22:45,515 [analyzer] INFO: Injected into process with pid 3188 and name u'Unicorn-53644.exe'
2025-03-14 16:22:45,625 [analyzer] DEBUG: Loaded monitor into process with pid 4084
2025-03-14 16:22:45,671 [analyzer] DEBUG: Loaded monitor into process with pid 4076
2025-03-14 16:22:45,717 [analyzer] DEBUG: Loaded monitor into process with pid 3188
2025-03-14 16:22:45,842 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22442.exe
2025-03-14 16:22:46,342 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60905.exe
2025-03-14 16:22:46,405 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35846.exe
2025-03-14 16:22:46,437 [analyzer] INFO: Injected into process with pid 3348 and name u'Unicorn-22442.exe'
2025-03-14 16:22:46,875 [analyzer] INFO: Injected into process with pid 3392 and name u'Unicorn-60905.exe'
2025-03-14 16:22:46,983 [analyzer] DEBUG: Loaded monitor into process with pid 3348
2025-03-14 16:22:47,015 [analyzer] INFO: Added new file to list with pid 2236 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12472.exe
2025-03-14 16:22:47,015 [analyzer] INFO: Injected into process with pid 3444 and name u'Unicorn-35846.exe'
2025-03-14 16:22:47,187 [analyzer] DEBUG: Loaded monitor into process with pid 3392
2025-03-14 16:22:47,405 [analyzer] DEBUG: Loaded monitor into process with pid 3444
2025-03-14 16:22:47,453 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65394.exe
2025-03-14 16:22:47,640 [analyzer] INFO: Injected into process with pid 3548 and name u'Unicorn-12472.exe'
2025-03-14 16:22:47,687 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64818.exe
2025-03-14 16:22:47,905 [analyzer] INFO: Injected into process with pid 3720 and name u'Unicorn-65394.exe'
2025-03-14 16:22:47,937 [analyzer] DEBUG: Loaded monitor into process with pid 3548
2025-03-14 16:22:48,000 [analyzer] INFO: Added new file to list with pid 3608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7641.exe
2025-03-14 16:22:48,046 [analyzer] INFO: Injected into process with pid 3752 and name u'Unicorn-64818.exe'
2025-03-14 16:22:48,155 [analyzer] DEBUG: Loaded monitor into process with pid 3720
2025-03-14 16:22:48,828 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3832.exe
2025-03-14 16:22:48,828 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63504.exe
2025-03-14 16:22:48,983 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4097.exe
2025-03-14 16:22:48,983 [analyzer] INFO: Added new file to list with pid 3640 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4097.exe
2025-03-14 16:22:49,046 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61658.exe
2025-03-14 16:22:49,125 [analyzer] DEBUG: Loaded monitor into process with pid 3752
2025-03-14 16:22:49,125 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18056.exe
2025-03-14 16:22:49,280 [analyzer] INFO: Injected into process with pid 3872 and name u'Unicorn-7641.exe'
2025-03-14 16:22:49,328 [analyzer] INFO: Injected into process with pid 4008 and name u'Unicorn-63504.exe'
2025-03-14 16:22:49,342 [analyzer] INFO: Injected into process with pid 3980 and name u'Unicorn-3832.exe'
2025-03-14 16:22:49,375 [analyzer] INFO: Injected into process with pid 3304 and name u'Unicorn-61658.exe'
2025-03-14 16:22:49,405 [analyzer] INFO: Injected into process with pid 356 and name u'Unicorn-4097.exe'
2025-03-14 16:22:49,421 [analyzer] INFO: Injected into process with pid 3140 and name u'Unicorn-18056.exe'
2025-03-14 16:22:49,530 [analyzer] DEBUG: Loaded monitor into process with pid 3872
2025-03-14 16:22:49,546 [analyzer] DEBUG: Loaded monitor into process with pid 4008
2025-03-14 16:22:49,592 [analyzer] DEBUG: Loaded monitor into process with pid 3980
2025-03-14 16:22:49,592 [analyzer] DEBUG: Loaded monitor into process with pid 3304
2025-03-14 16:22:49,858 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11179.exe
2025-03-14 16:22:49,905 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17310.exe
2025-03-14 16:22:50,062 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59857.exe
2025-03-14 16:22:50,078 [analyzer] DEBUG: Loaded monitor into process with pid 3140
2025-03-14 16:22:50,140 [analyzer] INFO: Injected into process with pid 3708 and name u'Unicorn-11179.exe'
2025-03-14 16:22:50,187 [analyzer] INFO: Injected into process with pid 3764 and name u'Unicorn-17310.exe'
2025-03-14 16:22:50,187 [analyzer] DEBUG: Loaded monitor into process with pid 356
2025-03-14 16:22:50,390 [analyzer] DEBUG: Loaded monitor into process with pid 3708
2025-03-14 16:22:50,421 [analyzer] DEBUG: Loaded monitor into process with pid 3764
2025-03-14 16:22:50,717 [analyzer] INFO: Injected into process with pid 4048 and name u'Unicorn-59857.exe'
2025-03-14 16:22:50,750 [analyzer] INFO: Added new file to list with pid 2996 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30884.exe
2025-03-14 16:22:50,765 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5368.exe
2025-03-14 16:22:50,983 [analyzer] INFO: Injected into process with pid 3396 and name u'Unicorn-30884.exe'
2025-03-14 16:22:51,000 [analyzer] DEBUG: Loaded monitor into process with pid 4048
2025-03-14 16:22:51,030 [analyzer] INFO: Injected into process with pid 3528 and name u'Unicorn-5368.exe'
2025-03-14 16:22:51,280 [analyzer] DEBUG: Loaded monitor into process with pid 3396
2025-03-14 16:22:51,342 [analyzer] DEBUG: Loaded monitor into process with pid 3528
2025-03-14 16:22:52,108 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8108.exe
2025-03-14 16:22:52,358 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19235.exe
2025-03-14 16:22:52,390 [analyzer] INFO: Injected into process with pid 3828 and name u'Unicorn-8108.exe'
2025-03-14 16:22:52,592 [analyzer] DEBUG: Loaded monitor into process with pid 3828
2025-03-14 16:22:52,655 [analyzer] INFO: Injected into process with pid 4124 and name u'Unicorn-19235.exe'
2025-03-14 16:22:52,858 [analyzer] DEBUG: Loaded monitor into process with pid 4124
2025-03-14 16:22:53,187 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45270.exe
2025-03-14 16:22:53,467 [analyzer] INFO: Injected into process with pid 4196 and name u'Unicorn-45270.exe'
2025-03-14 16:22:53,687 [analyzer] DEBUG: Loaded monitor into process with pid 4196
2025-03-14 16:22:53,796 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12213.exe
2025-03-14 16:22:54,092 [analyzer] INFO: Injected into process with pid 4244 and name u'Unicorn-12213.exe'
2025-03-14 16:22:54,358 [analyzer] DEBUG: Loaded monitor into process with pid 4244
2025-03-14 16:22:54,671 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32440.exe
2025-03-14 16:22:54,858 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62737.exe
2025-03-14 16:22:54,953 [analyzer] INFO: Injected into process with pid 4308 and name u'Unicorn-32440.exe'
2025-03-14 16:22:55,062 [analyzer] INFO: Injected into process with pid 4376 and name u'Unicorn-62737.exe'
2025-03-14 16:22:55,140 [analyzer] DEBUG: Loaded monitor into process with pid 4308
2025-03-14 16:22:55,375 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38638.exe
2025-03-14 16:22:55,515 [analyzer] DEBUG: Loaded monitor into process with pid 4376
2025-03-14 16:22:55,608 [analyzer] INFO: Injected into process with pid 4432 and name u'Unicorn-38638.exe'
2025-03-14 16:22:55,812 [analyzer] DEBUG: Loaded monitor into process with pid 4432
2025-03-14 16:22:55,890 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48652.exe
2025-03-14 16:22:56,108 [analyzer] INFO: Injected into process with pid 4480 and name u'Unicorn-48652.exe'
2025-03-14 16:22:56,155 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27672.exe
2025-03-14 16:22:56,280 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14865.exe
2025-03-14 16:22:56,358 [analyzer] INFO: Injected into process with pid 4516 and name u'Unicorn-27672.exe'
2025-03-14 16:22:56,405 [analyzer] DEBUG: Loaded monitor into process with pid 4480
2025-03-14 16:22:56,421 [analyzer] INFO: Injected into process with pid 4552 and name u'Unicorn-14865.exe'
2025-03-14 16:22:56,608 [analyzer] DEBUG: Loaded monitor into process with pid 4516
2025-03-14 16:22:56,608 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6121.exe
2025-03-14 16:22:56,640 [analyzer] DEBUG: Loaded monitor into process with pid 4552
2025-03-14 16:22:56,858 [analyzer] INFO: Injected into process with pid 4616 and name u'Unicorn-6121.exe'
2025-03-14 16:22:56,858 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22385.exe
2025-03-14 16:22:57,171 [analyzer] INFO: Injected into process with pid 4664 and name u'Unicorn-22385.exe'
2025-03-14 16:22:57,203 [analyzer] DEBUG: Loaded monitor into process with pid 4616
2025-03-14 16:22:57,375 [analyzer] DEBUG: Loaded monitor into process with pid 4664
2025-03-14 16:22:58,467 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33484.exe
2025-03-14 16:22:58,640 [analyzer] INFO: Injected into process with pid 4724 and name u'Unicorn-33484.exe'
2025-03-14 16:22:58,812 [analyzer] DEBUG: Loaded monitor into process with pid 4724
2025-03-14 16:22:58,890 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42752.exe
2025-03-14 16:22:58,967 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45353.exe
2025-03-14 16:22:59,187 [analyzer] INFO: Injected into process with pid 4792 and name u'Unicorn-42752.exe'
2025-03-14 16:22:59,265 [analyzer] INFO: Injected into process with pid 4816 and name u'Unicorn-45353.exe'
2025-03-14 16:22:59,390 [analyzer] DEBUG: Loaded monitor into process with pid 4792
2025-03-14 16:22:59,467 [analyzer] DEBUG: Loaded monitor into process with pid 4816
2025-03-14 16:23:00,217 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22576.exe
2025-03-14 16:23:00,405 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40588.exe
2025-03-14 16:23:00,500 [analyzer] INFO: Injected into process with pid 4880 and name u'Unicorn-22576.exe'
2025-03-14 16:23:00,562 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54865.exe
2025-03-14 16:23:00,687 [analyzer] INFO: Injected into process with pid 4912 and name u'Unicorn-40588.exe'
2025-03-14 16:23:00,733 [analyzer] DEBUG: Loaded monitor into process with pid 4880
2025-03-14 16:23:00,905 [analyzer] DEBUG: Loaded monitor into process with pid 4912
2025-03-14 16:23:00,905 [analyzer] INFO: Injected into process with pid 4948 and name u'Unicorn-54865.exe'
2025-03-14 16:23:01,155 [analyzer] INFO: Added new file to list with pid 4664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51378.exe
2025-03-14 16:23:01,171 [analyzer] INFO: Added new file to list with pid 2236 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45248.exe
2025-03-14 16:23:01,187 [analyzer] DEBUG: Loaded monitor into process with pid 4948
2025-03-14 16:23:01,421 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42640.exe
2025-03-14 16:23:01,500 [analyzer] INFO: Added new file to list with pid 4616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43402.exe
2025-03-14 16:23:01,546 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59717.exe
2025-03-14 16:23:01,640 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2348.exe
2025-03-14 16:23:01,703 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18876.exe
2025-03-14 16:23:01,750 [analyzer] INFO: Injected into process with pid 5020 and name u'Unicorn-45248.exe'
2025-03-14 16:23:01,750 [analyzer] INFO: Injected into process with pid 5012 and name u'Unicorn-51378.exe'
2025-03-14 16:23:01,875 [analyzer] INFO: Injected into process with pid 5060 and name u'Unicorn-42640.exe'
2025-03-14 16:23:01,921 [analyzer] INFO: Injected into process with pid 5076 and name u'Unicorn-43402.exe'
2025-03-14 16:23:01,921 [analyzer] INFO: Injected into process with pid 4140 and name u'Unicorn-2348.exe'
2025-03-14 16:23:01,921 [analyzer] INFO: Injected into process with pid 4100 and name u'Unicorn-59717.exe'
2025-03-14 16:23:02,000 [analyzer] INFO: Injected into process with pid 4224 and name u'Unicorn-18876.exe'
2025-03-14 16:23:02,015 [analyzer] DEBUG: Loaded monitor into process with pid 5012
2025-03-14 16:23:02,092 [analyzer] DEBUG: Loaded monitor into process with pid 5020
2025-03-14 16:23:02,155 [analyzer] DEBUG: Loaded monitor into process with pid 5060
2025-03-14 16:23:02,187 [analyzer] DEBUG: Loaded monitor into process with pid 4140
2025-03-14 16:23:02,187 [analyzer] INFO: Added new file to list with pid 4480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43978.exe
2025-03-14 16:23:02,203 [analyzer] DEBUG: Loaded monitor into process with pid 4100
2025-03-14 16:23:02,217 [analyzer] DEBUG: Loaded monitor into process with pid 5076
2025-03-14 16:23:02,453 [analyzer] DEBUG: Loaded monitor into process with pid 4224
2025-03-14 16:23:02,467 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64325.exe
2025-03-14 16:23:02,530 [analyzer] INFO: Injected into process with pid 2248 and name u'Unicorn-43978.exe'
2025-03-14 16:23:02,733 [analyzer] INFO: Added new file to list with pid 4376 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2561.exe
2025-03-14 16:23:02,733 [analyzer] INFO: Injected into process with pid 4448 and name u'Unicorn-64325.exe'
2025-03-14 16:23:02,765 [analyzer] DEBUG: Loaded monitor into process with pid 2248
2025-03-14 16:23:02,828 [analyzer] INFO: Added new file to list with pid 3608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11476.exe
2025-03-14 16:23:02,890 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47605.exe
2025-03-14 16:23:02,953 [analyzer] INFO: Added new file to list with pid 3640 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19836.exe
2025-03-14 16:23:02,953 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30771.exe
2025-03-14 16:23:03,000 [analyzer] DEBUG: Loaded monitor into process with pid 4448
2025-03-14 16:23:03,046 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13919.exe
2025-03-14 16:23:03,092 [analyzer] INFO: Injected into process with pid 4568 and name u'Unicorn-2561.exe'
2025-03-14 16:23:03,233 [analyzer] INFO: Injected into process with pid 4632 and name u'Unicorn-11476.exe'
2025-03-14 16:23:03,280 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54952.exe
2025-03-14 16:23:03,358 [analyzer] INFO: Injected into process with pid 4680 and name u'Unicorn-47605.exe'
2025-03-14 16:23:03,453 [analyzer] DEBUG: Loaded monitor into process with pid 4568
2025-03-14 16:23:03,483 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65358.exe
2025-03-14 16:23:03,515 [analyzer] INFO: Injected into process with pid 4768 and name u'Unicorn-19836.exe'
2025-03-14 16:23:03,515 [analyzer] INFO: Injected into process with pid 4780 and name u'Unicorn-19836.exe'
2025-03-14 16:23:03,515 [analyzer] INFO: Injected into process with pid 4772 and name u'Unicorn-30771.exe'
2025-03-14 16:23:03,592 [analyzer] INFO: Injected into process with pid 4936 and name u'Unicorn-13919.exe'
2025-03-14 16:23:03,625 [analyzer] DEBUG: Loaded monitor into process with pid 4632
2025-03-14 16:23:03,733 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3064.exe
2025-03-14 16:23:03,750 [analyzer] DEBUG: Loaded monitor into process with pid 4680
2025-03-14 16:23:03,750 [analyzer] INFO: Injected into process with pid 5040 and name u'Unicorn-54952.exe'
2025-03-14 16:23:03,828 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61445.exe
2025-03-14 16:23:03,858 [analyzer] DEBUG: Loaded monitor into process with pid 4772
2025-03-14 16:23:03,890 [analyzer] DEBUG: Loaded monitor into process with pid 4780
2025-03-14 16:23:03,921 [analyzer] DEBUG: Loaded monitor into process with pid 4936
2025-03-14 16:23:03,953 [analyzer] INFO: Injected into process with pid 2684 and name u'Unicorn-65358.exe'
2025-03-14 16:23:03,967 [analyzer] DEBUG: Loaded monitor into process with pid 4768
2025-03-14 16:23:03,983 [analyzer] INFO: Injected into process with pid 4164 and name u'Unicorn-65358.exe'
2025-03-14 16:23:04,062 [analyzer] DEBUG: Loaded monitor into process with pid 5040
2025-03-14 16:23:04,108 [analyzer] INFO: Injected into process with pid 4492 and name u'Unicorn-3064.exe'
2025-03-14 16:23:04,187 [analyzer] INFO: Injected into process with pid 4744 and name u'Unicorn-61445.exe'
2025-03-14 16:23:04,233 [analyzer] DEBUG: Loaded monitor into process with pid 2684
2025-03-14 16:23:04,280 [analyzer] DEBUG: Loaded monitor into process with pid 4164
2025-03-14 16:23:04,312 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55876.exe
2025-03-14 16:23:04,421 [analyzer] DEBUG: Loaded monitor into process with pid 4492
2025-03-14 16:23:04,467 [analyzer] DEBUG: Loaded monitor into process with pid 4744
2025-03-14 16:23:04,562 [analyzer] INFO: Added new file to list with pid 2996 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55300.exe
2025-03-14 16:23:04,578 [analyzer] INFO: Injected into process with pid 4136 and name u'Unicorn-55876.exe'
2025-03-14 16:23:04,655 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27995.exe
2025-03-14 16:23:04,858 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14459.exe
2025-03-14 16:23:04,905 [analyzer] DEBUG: Loaded monitor into process with pid 4136
2025-03-14 16:23:04,983 [analyzer] INFO: Injected into process with pid 640 and name u'Unicorn-55300.exe'
2025-03-14 16:23:05,062 [analyzer] INFO: Injected into process with pid 4844 and name u'Unicorn-27995.exe'
2025-03-14 16:23:05,125 [analyzer] INFO: Injected into process with pid 4944 and name u'Unicorn-14459.exe'
2025-03-14 16:23:05,217 [analyzer] DEBUG: Loaded monitor into process with pid 640
2025-03-14 16:23:05,265 [analyzer] DEBUG: Loaded monitor into process with pid 4844
2025-03-14 16:23:05,437 [analyzer] DEBUG: Loaded monitor into process with pid 4944
2025-03-14 16:23:05,546 [analyzer] INFO: Added new file to list with pid 4048 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62198.exe
2025-03-14 16:23:05,937 [analyzer] INFO: Injected into process with pid 4972 and name u'Unicorn-62198.exe'
2025-03-14 16:23:06,030 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3935.exe
2025-03-14 16:23:06,140 [analyzer] DEBUG: Loaded monitor into process with pid 4972
2025-03-14 16:23:06,280 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46244.exe
2025-03-14 16:23:06,328 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6173.exe
2025-03-14 16:23:06,467 [analyzer] INFO: Injected into process with pid 5144 and name u'Unicorn-3935.exe'
2025-03-14 16:23:06,592 [analyzer] INFO: Injected into process with pid 5184 and name u'Unicorn-46244.exe'
2025-03-14 16:23:06,592 [analyzer] INFO: Injected into process with pid 5200 and name u'Unicorn-6173.exe'
2025-03-14 16:23:06,717 [analyzer] DEBUG: Loaded monitor into process with pid 5144
2025-03-14 16:23:06,796 [analyzer] DEBUG: Loaded monitor into process with pid 5184
2025-03-14 16:23:06,812 [analyzer] DEBUG: Loaded monitor into process with pid 5200
2025-03-14 16:23:07,078 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48337.exe
2025-03-14 16:23:09,203 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24581.exe
2025-03-14 16:23:09,217 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13116.exe
2025-03-14 16:23:09,342 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32982.exe
2025-03-14 16:23:10,828 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-41704.exe
2025-03-14 16:23:10,875 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61570.exe
2025-03-14 16:23:11,312 [analyzer] INFO: Injected into process with pid 5292 and name u'Unicorn-48337.exe'
2025-03-14 16:23:11,530 [analyzer] INFO: Injected into process with pid 5408 and name u'Unicorn-24581.exe'
2025-03-14 16:23:11,578 [analyzer] INFO: Injected into process with pid 5416 and name u'Unicorn-13116.exe'
2025-03-14 16:23:11,796 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44340.exe
2025-03-14 16:23:11,796 [analyzer] INFO: Injected into process with pid 5436 and name u'Unicorn-32982.exe'
2025-03-14 16:23:12,062 [analyzer] DEBUG: Loaded monitor into process with pid 5292
2025-03-14 16:23:12,092 [analyzer] INFO: Injected into process with pid 5484 and name u'Unicorn-61570.exe'
2025-03-14 16:23:12,187 [analyzer] INFO: Injected into process with pid 5460 and name u'Unicorn-41704.exe'
2025-03-14 16:23:12,265 [analyzer] DEBUG: Loaded monitor into process with pid 5416
2025-03-14 16:23:12,342 [analyzer] DEBUG: Loaded monitor into process with pid 5408
2025-03-14 16:23:12,375 [analyzer] DEBUG: Loaded monitor into process with pid 5436
2025-03-14 16:23:12,390 [analyzer] DEBUG: Loaded monitor into process with pid 5484
2025-03-14 16:23:12,405 [analyzer] DEBUG: Loaded monitor into process with pid 5460
2025-03-14 16:23:12,467 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15576.exe
2025-03-14 16:23:12,562 [analyzer] INFO: Injected into process with pid 5600 and name u'Unicorn-44340.exe'
2025-03-14 16:23:12,578 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59105.exe
2025-03-14 16:23:13,015 [analyzer] INFO: Injected into process with pid 5688 and name u'Unicorn-15576.exe'
2025-03-14 16:23:13,030 [analyzer] INFO: Injected into process with pid 5712 and name u'Unicorn-59105.exe'
2025-03-14 16:23:13,108 [analyzer] DEBUG: Loaded monitor into process with pid 5600
2025-03-14 16:23:13,515 [analyzer] DEBUG: Loaded monitor into process with pid 5712
2025-03-14 16:23:13,530 [analyzer] DEBUG: Loaded monitor into process with pid 5688
2025-03-14 16:23:13,546 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64222.exe
2025-03-14 16:23:14,171 [analyzer] INFO: Injected into process with pid 5812 and name u'Unicorn-64222.exe'
2025-03-14 16:23:14,203 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36786.exe
2025-03-14 16:23:14,342 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59436.exe
2025-03-14 16:23:14,358 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14319.exe
2025-03-14 16:23:14,405 [analyzer] INFO: Added new file to list with pid 4084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20450.exe
2025-03-14 16:23:14,405 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20184.exe
2025-03-14 16:23:14,733 [analyzer] DEBUG: Loaded monitor into process with pid 5812
2025-03-14 16:23:14,858 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-1491.exe
2025-03-14 16:23:15,108 [analyzer] INFO: Injected into process with pid 5848 and name u'Unicorn-36786.exe'
2025-03-14 16:23:15,358 [analyzer] INFO: Injected into process with pid 5872 and name u'Unicorn-59436.exe'
2025-03-14 16:23:15,375 [analyzer] INFO: Injected into process with pid 5880 and name u'Unicorn-14319.exe'
2025-03-14 16:23:15,390 [analyzer] INFO: Added new file to list with pid 4664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42384.exe
2025-03-14 16:23:15,483 [analyzer] INFO: Injected into process with pid 5912 and name u'Unicorn-20184.exe'
2025-03-14 16:23:15,483 [analyzer] INFO: Injected into process with pid 5904 and name u'Unicorn-20450.exe'
2025-03-14 16:23:15,483 [analyzer] DEBUG: Loaded monitor into process with pid 5848
2025-03-14 16:23:15,500 [analyzer] INFO: Added new file to list with pid 3708 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8965.exe
2025-03-14 16:23:18,640 [analyzer] INFO: Added new file to list with pid 2236 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45649.exe
2025-03-14 16:23:18,671 [analyzer] INFO: Injected into process with pid 5984 and name u'Unicorn-1491.exe'
2025-03-14 16:23:18,703 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23956.exe
2025-03-14 16:23:18,765 [analyzer] INFO: Added new file to list with pid 4616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19608.exe
2025-03-14 16:23:18,796 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-33343.exe
2025-03-14 16:23:18,875 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25175.exe
2025-03-14 16:23:18,967 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56557.exe
2025-03-14 16:23:18,967 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4755.exe
2025-03-14 16:23:18,983 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14704.exe
2025-03-14 16:23:19,030 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8839.exe
2025-03-14 16:23:19,078 [analyzer] DEBUG: Loaded monitor into process with pid 5880
2025-03-14 16:23:19,078 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6039.exe
2025-03-14 16:23:19,078 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60641.exe
2025-03-14 16:23:19,092 [analyzer] INFO: Added new file to list with pid 4480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-60641.exe
2025-03-14 16:23:19,108 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55041.exe
2025-03-14 16:23:19,217 [analyzer] DEBUG: Loaded monitor into process with pid 5872
2025-03-14 16:23:19,250 [analyzer] DEBUG: Loaded monitor into process with pid 5912
2025-03-14 16:23:19,280 [analyzer] DEBUG: Loaded monitor into process with pid 5904
2025-03-14 16:23:19,358 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11772.exe
2025-03-14 16:23:19,453 [analyzer] DEBUG: Loaded monitor into process with pid 5984
2025-03-14 16:23:19,467 [analyzer] INFO: Injected into process with pid 6076 and name u'Unicorn-42384.exe'
2025-03-14 16:23:19,562 [analyzer] INFO: Injected into process with pid 6096 and name u'Unicorn-8965.exe'
2025-03-14 16:23:19,578 [analyzer] INFO: Injected into process with pid 6136 and name u'Unicorn-45649.exe'
2025-03-14 16:23:19,592 [analyzer] INFO: Injected into process with pid 4848 and name u'Unicorn-23956.exe'
2025-03-14 16:23:19,608 [analyzer] INFO: Injected into process with pid 4400 and name u'Unicorn-19608.exe'
2025-03-14 16:23:19,608 [analyzer] INFO: Injected into process with pid 5196 and name u'Unicorn-33343.exe'
2025-03-14 16:23:19,640 [analyzer] INFO: Injected into process with pid 5208 and name u'Unicorn-33343.exe'
2025-03-14 16:23:19,655 [analyzer] INFO: Injected into process with pid 5312 and name u'Unicorn-25175.exe'
2025-03-14 16:23:19,655 [analyzer] INFO: Injected into process with pid 5616 and name u'Unicorn-55041.exe'
2025-03-14 16:23:19,655 [analyzer] INFO: Injected into process with pid 5592 and name u'Unicorn-8839.exe'
2025-03-14 16:23:19,655 [analyzer] INFO: Injected into process with pid 5472 and name u'Unicorn-56557.exe'
2025-03-14 16:23:19,717 [analyzer] INFO: Injected into process with pid 5524 and name u'Unicorn-14704.exe'
2025-03-14 16:23:19,717 [analyzer] INFO: Injected into process with pid 5568 and name u'Unicorn-4755.exe'
2025-03-14 16:23:19,733 [analyzer] INFO: Injected into process with pid 5724 and name u'Unicorn-6039.exe'
2025-03-14 16:23:19,796 [analyzer] INFO: Injected into process with pid 5708 and name u'Unicorn-6039.exe'
2025-03-14 16:23:19,796 [analyzer] INFO: Injected into process with pid 5588 and name u'Unicorn-60641.exe'
2025-03-14 16:23:19,812 [analyzer] DEBUG: Loaded monitor into process with pid 6076
2025-03-14 16:23:19,858 [analyzer] INFO: Injected into process with pid 5792 and name u'Unicorn-11772.exe'
2025-03-14 16:23:19,890 [analyzer] DEBUG: Loaded monitor into process with pid 6096
2025-03-14 16:23:19,953 [analyzer] DEBUG: Loaded monitor into process with pid 4848
2025-03-14 16:23:19,967 [analyzer] DEBUG: Loaded monitor into process with pid 5616
2025-03-14 16:23:20,030 [analyzer] DEBUG: Loaded monitor into process with pid 5568
2025-03-14 16:23:20,046 [analyzer] DEBUG: Loaded monitor into process with pid 5196
2025-03-14 16:23:20,062 [analyzer] DEBUG: Loaded monitor into process with pid 5472
2025-03-14 16:23:20,062 [analyzer] DEBUG: Loaded monitor into process with pid 5724
2025-03-14 16:23:20,092 [analyzer] DEBUG: Loaded monitor into process with pid 4400
2025-03-14 16:23:20,108 [analyzer] DEBUG: Loaded monitor into process with pid 5592
2025-03-14 16:23:20,125 [analyzer] DEBUG: Loaded monitor into process with pid 5524
2025-03-14 16:23:20,187 [analyzer] DEBUG: Loaded monitor into process with pid 6136
2025-03-14 16:23:20,217 [analyzer] DEBUG: Loaded monitor into process with pid 5208
2025-03-14 16:23:20,250 [analyzer] DEBUG: Loaded monitor into process with pid 5312
2025-03-14 16:23:20,265 [analyzer] DEBUG: Loaded monitor into process with pid 5588
2025-03-14 16:23:20,280 [analyzer] DEBUG: Loaded monitor into process with pid 5792
2025-03-14 16:23:20,312 [analyzer] DEBUG: Loaded monitor into process with pid 5708
2025-03-14 16:23:21,467 [analyzer] INFO: Added new file to list with pid 4008 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21898.exe
2025-03-14 16:23:21,625 [analyzer] INFO: Added new file to list with pid 2996 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4528.exe
2025-03-14 16:23:21,625 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44864.exe
2025-03-14 16:23:21,733 [analyzer] INFO: Injected into process with pid 5840 and name u'Unicorn-21898.exe'
2025-03-14 16:23:21,780 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49837.exe
2025-03-14 16:23:21,858 [analyzer] INFO: Injected into process with pid 1352 and name u'Unicorn-4528.exe'
2025-03-14 16:23:21,890 [analyzer] INFO: Injected into process with pid 2508 and name u'Unicorn-44864.exe'
2025-03-14 16:23:21,921 [analyzer] DEBUG: Loaded monitor into process with pid 5840
2025-03-14 16:23:21,967 [analyzer] INFO: Injected into process with pid 6208 and name u'Unicorn-49837.exe'
2025-03-14 16:23:22,062 [analyzer] DEBUG: Loaded monitor into process with pid 1352
2025-03-14 16:23:22,092 [analyzer] DEBUG: Loaded monitor into process with pid 2508
2025-03-14 16:23:22,233 [analyzer] DEBUG: Loaded monitor into process with pid 6208
2025-03-14 16:23:22,233 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25795.exe
2025-03-14 16:23:22,280 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38040.exe
2025-03-14 16:23:22,280 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55106.exe
2025-03-14 16:23:22,296 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57376.exe
2025-03-14 16:23:22,312 [analyzer] INFO: Added new file to list with pid 3640 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63241.exe
2025-03-14 16:23:22,312 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63241.exe
2025-03-14 16:23:22,405 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5872.exe
2025-03-14 16:23:22,405 [analyzer] INFO: Added new file to list with pid 4048 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51809.exe
2025-03-14 16:23:22,578 [analyzer] INFO: Injected into process with pid 6276 and name u'Unicorn-25795.exe'
2025-03-14 16:23:22,592 [analyzer] INFO: Injected into process with pid 6308 and name u'Unicorn-38040.exe'
2025-03-14 16:23:22,608 [analyzer] INFO: Injected into process with pid 6332 and name u'Unicorn-63241.exe'
2025-03-14 16:23:22,640 [analyzer] INFO: Injected into process with pid 6300 and name u'Unicorn-55106.exe'
2025-03-14 16:23:22,655 [analyzer] INFO: Injected into process with pid 6316 and name u'Unicorn-57376.exe'
2025-03-14 16:23:22,671 [analyzer] INFO: Injected into process with pid 6412 and name u'Unicorn-51809.exe'
2025-03-14 16:23:22,703 [analyzer] INFO: Injected into process with pid 6396 and name u'Unicorn-5872.exe'
2025-03-14 16:23:22,717 [analyzer] INFO: Injected into process with pid 6420 and name u'Unicorn-51809.exe'
2025-03-14 16:23:22,812 [analyzer] DEBUG: Loaded monitor into process with pid 6276
2025-03-14 16:23:22,842 [analyzer] DEBUG: Loaded monitor into process with pid 6308
2025-03-14 16:23:22,875 [analyzer] DEBUG: Loaded monitor into process with pid 6332
2025-03-14 16:23:22,905 [analyzer] DEBUG: Loaded monitor into process with pid 6300
2025-03-14 16:23:22,937 [analyzer] DEBUG: Loaded monitor into process with pid 6316
2025-03-14 16:23:22,967 [analyzer] DEBUG: Loaded monitor into process with pid 6412
2025-03-14 16:23:23,140 [analyzer] DEBUG: Loaded monitor into process with pid 6396
2025-03-14 16:23:23,171 [analyzer] DEBUG: Loaded monitor into process with pid 6420
2025-03-14 16:23:24,983 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42192.exe
2025-03-14 16:23:25,108 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39771.exe
2025-03-14 16:23:25,342 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51512.exe
2025-03-14 16:23:25,342 [analyzer] INFO: Injected into process with pid 6640 and name u'Unicorn-42192.exe'
2025-03-14 16:23:25,358 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4092.exe
2025-03-14 16:23:25,421 [analyzer] INFO: Added new file to list with pid 3640 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-24207.exe
2025-03-14 16:23:25,437 [analyzer] INFO: Injected into process with pid 6664 and name u'Unicorn-39771.exe'
2025-03-14 16:23:25,453 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-25524.exe
2025-03-14 16:23:25,733 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29032.exe
2025-03-14 16:23:25,750 [analyzer] DEBUG: Loaded monitor into process with pid 6640
2025-03-14 16:23:25,780 [analyzer] DEBUG: Loaded monitor into process with pid 6664
2025-03-14 16:23:25,812 [analyzer] INFO: Injected into process with pid 6720 and name u'Unicorn-51512.exe'
2025-03-14 16:23:25,858 [analyzer] INFO: Injected into process with pid 6752 and name u'Unicorn-24207.exe'
2025-03-14 16:23:25,875 [analyzer] INFO: Injected into process with pid 6768 and name u'Unicorn-25524.exe'
2025-03-14 16:23:25,890 [analyzer] INFO: Injected into process with pid 6728 and name u'Unicorn-4092.exe'
2025-03-14 16:23:25,967 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38876.exe
2025-03-14 16:23:26,108 [analyzer] DEBUG: Loaded monitor into process with pid 6752
2025-03-14 16:23:26,108 [analyzer] DEBUG: Loaded monitor into process with pid 6720
2025-03-14 16:23:26,125 [analyzer] INFO: Injected into process with pid 6864 and name u'Unicorn-29032.exe'
2025-03-14 16:23:26,140 [analyzer] DEBUG: Loaded monitor into process with pid 6768
2025-03-14 16:23:26,155 [analyzer] DEBUG: Loaded monitor into process with pid 6728
2025-03-14 16:23:26,203 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45701.exe
2025-03-14 16:23:26,265 [analyzer] INFO: Injected into process with pid 6920 and name u'Unicorn-38876.exe'
2025-03-14 16:23:26,405 [analyzer] DEBUG: Loaded monitor into process with pid 6864
2025-03-14 16:23:26,500 [analyzer] INFO: Added new file to list with pid 4816 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50242.exe
2025-03-14 16:23:26,640 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23115.exe
2025-03-14 16:23:26,640 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20315.exe
2025-03-14 16:23:26,655 [analyzer] INFO: Injected into process with pid 6980 and name u'Unicorn-45701.exe'
2025-03-14 16:23:26,687 [analyzer] DEBUG: Loaded monitor into process with pid 6920
2025-03-14 16:23:26,796 [analyzer] INFO: Injected into process with pid 7024 and name u'Unicorn-50242.exe'
2025-03-14 16:23:26,921 [analyzer] DEBUG: Loaded monitor into process with pid 6980
2025-03-14 16:23:26,967 [analyzer] INFO: Injected into process with pid 7068 and name u'Unicorn-20315.exe'
2025-03-14 16:23:27,078 [analyzer] DEBUG: Loaded monitor into process with pid 7024
2025-03-14 16:23:27,092 [analyzer] INFO: Injected into process with pid 7060 and name u'Unicorn-23115.exe'
2025-03-14 16:23:27,203 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30398.exe
2025-03-14 16:23:27,265 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50818.exe
2025-03-14 16:23:27,265 [analyzer] INFO: Added new file to list with pid 3752 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38566.exe
2025-03-14 16:23:27,312 [analyzer] DEBUG: Loaded monitor into process with pid 7068
2025-03-14 16:23:27,467 [analyzer] DEBUG: Loaded monitor into process with pid 7060
2025-03-14 16:23:27,546 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62686.exe
2025-03-14 16:23:27,562 [analyzer] INFO: Added new file to list with pid 3392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62686.exe
2025-03-14 16:23:27,625 [analyzer] INFO: Injected into process with pid 580 and name u'Unicorn-30398.exe'
2025-03-14 16:23:27,671 [analyzer] INFO: Injected into process with pid 6188 and name u'Unicorn-38566.exe'
2025-03-14 16:23:27,687 [analyzer] INFO: Injected into process with pid 6180 and name u'Unicorn-50818.exe'
2025-03-14 16:23:27,812 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43012.exe
2025-03-14 16:23:27,842 [analyzer] INFO: Added new file to list with pid 356 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62878.exe
2025-03-14 16:23:27,953 [analyzer] DEBUG: Loaded monitor into process with pid 580
2025-03-14 16:23:27,953 [analyzer] INFO: Injected into process with pid 6360 and name u'Unicorn-62686.exe'
2025-03-14 16:23:27,983 [analyzer] DEBUG: Loaded monitor into process with pid 6180
2025-03-14 16:23:28,015 [analyzer] INFO: Added new file to list with pid 4244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50626.exe
2025-03-14 16:23:28,078 [analyzer] DEBUG: Loaded monitor into process with pid 6188
2025-03-14 16:23:28,171 [analyzer] INFO: Injected into process with pid 6452 and name u'Unicorn-43012.exe'
2025-03-14 16:23:28,233 [analyzer] INFO: Injected into process with pid 6516 and name u'Unicorn-62878.exe'
2025-03-14 16:23:28,250 [analyzer] DEBUG: Loaded monitor into process with pid 6360
2025-03-14 16:23:28,312 [analyzer] INFO: Injected into process with pid 6532 and name u'Unicorn-50626.exe'
2025-03-14 16:23:28,390 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6625.exe
2025-03-14 16:23:28,437 [analyzer] DEBUG: Loaded monitor into process with pid 6452
2025-03-14 16:23:28,500 [analyzer] DEBUG: Loaded monitor into process with pid 6516
2025-03-14 16:23:28,592 [analyzer] DEBUG: Loaded monitor into process with pid 6532
2025-03-14 16:23:28,750 [analyzer] INFO: Injected into process with pid 6776 and name u'Unicorn-6625.exe'
2025-03-14 16:23:28,796 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35576.exe
2025-03-14 16:23:28,937 [analyzer] INFO: Added new file to list with pid 3720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22770.exe
2025-03-14 16:23:29,062 [analyzer] DEBUG: Loaded monitor into process with pid 6776
2025-03-14 16:23:29,140 [analyzer] INFO: Injected into process with pid 6852 and name u'Unicorn-35576.exe'
2025-03-14 16:23:29,187 [analyzer] INFO: Added new file to list with pid 4084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3864.exe
2025-03-14 16:23:29,203 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23465.exe
2025-03-14 16:23:29,250 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14799.exe
2025-03-14 16:23:29,342 [analyzer] INFO: Added new file to list with pid 4516 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35982.exe
2025-03-14 16:23:29,483 [analyzer] INFO: Injected into process with pid 2460 and name u'Unicorn-22770.exe'
2025-03-14 16:23:29,608 [analyzer] DEBUG: Loaded monitor into process with pid 6852
2025-03-14 16:23:29,640 [analyzer] INFO: Injected into process with pid 7080 and name u'Unicorn-23465.exe'
2025-03-14 16:23:29,765 [analyzer] DEBUG: Loaded monitor into process with pid 2460
2025-03-14 16:23:29,780 [analyzer] INFO: Injected into process with pid 7048 and name u'Unicorn-3864.exe'
2025-03-14 16:23:29,828 [analyzer] INFO: Injected into process with pid 800 and name u'Unicorn-35982.exe'
2025-03-14 16:23:29,828 [analyzer] INFO: Injected into process with pid 7100 and name u'Unicorn-14799.exe'
2025-03-14 16:23:29,828 [analyzer] INFO: Injected into process with pid 7104 and name u'Unicorn-23465.exe'
2025-03-14 16:23:30,046 [analyzer] DEBUG: Loaded monitor into process with pid 7080
2025-03-14 16:23:30,078 [analyzer] DEBUG: Loaded monitor into process with pid 7104
2025-03-14 16:23:30,092 [analyzer] DEBUG: Loaded monitor into process with pid 7048
2025-03-14 16:23:30,108 [analyzer] DEBUG: Loaded monitor into process with pid 7100
2025-03-14 16:23:30,155 [analyzer] DEBUG: Loaded monitor into process with pid 800
2025-03-14 16:23:30,546 [analyzer] INFO: Added new file to list with pid 3872 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52702.exe
2025-03-14 16:23:37,078 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26308.exe
2025-03-14 16:23:37,171 [analyzer] INFO: Added new file to list with pid 3480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58161.exe
2025-03-14 16:23:37,671 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-58426.exe
2025-03-14 16:23:38,092 [analyzer] INFO: Added new file to list with pid 3708 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31160.exe
2025-03-14 16:23:38,125 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44896.exe
2025-03-14 16:23:38,203 [analyzer] INFO: Added new file to list with pid 3608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63013.exe
2025-03-14 16:23:38,217 [analyzer] INFO: Added new file to list with pid 2236 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54348.exe
2025-03-14 16:23:38,250 [analyzer] INFO: Added new file to list with pid 4616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57148.exe
2025-03-14 16:23:38,280 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54878.exe
2025-03-14 16:23:39,342 [analyzer] INFO: Added new file to list with pid 3968 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39277.exe
2025-03-14 16:23:39,358 [analyzer] INFO: Added new file to list with pid 3172 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59200.exe
2025-03-14 16:23:39,375 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42664.exe
2025-03-14 16:23:39,530 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30803.exe
2025-03-14 16:23:39,671 [analyzer] INFO: Added new file to list with pid 4664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5015.exe
2025-03-14 16:23:39,983 [analyzer] INFO: Injected into process with pid 6632 and name u'Unicorn-52702.exe'
2025-03-14 16:23:40,453 [analyzer] INFO: Added new file to list with pid 3396 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31182.exe
2025-03-14 16:23:40,592 [analyzer] INFO: Injected into process with pid 6228 and name u'Unicorn-26308.exe'
2025-03-14 16:23:40,592 [analyzer] INFO: Injected into process with pid 6340 and name u'Unicorn-26308.exe'
2025-03-14 16:23:40,625 [analyzer] INFO: Injected into process with pid 3012 and name u'Unicorn-58161.exe'
2025-03-14 16:23:40,655 [analyzer] INFO: Injected into process with pid 1872 and name u'Unicorn-58426.exe'
2025-03-14 16:23:41,046 [analyzer] INFO: Injected into process with pid 6892 and name u'Unicorn-44896.exe'
2025-03-14 16:23:41,171 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47200.exe
2025-03-14 16:23:41,187 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44930.exe
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 6888 and name u'Unicorn-63013.exe'
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 2392 and name u'Unicorn-54878.exe'
2025-03-14 16:23:41,217 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50928.exe
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 6700 and name u'Unicorn-31160.exe'
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 2464 and name u'Unicorn-63013.exe'
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 988 and name u'Unicorn-57148.exe'
2025-03-14 16:23:41,217 [analyzer] INFO: Injected into process with pid 2068 and name u'Unicorn-63013.exe'
2025-03-14 16:23:41,233 [analyzer] INFO: Injected into process with pid 1068 and name u'Unicorn-63013.exe'
2025-03-14 16:23:41,250 [analyzer] INFO: Injected into process with pid 6896 and name u'Unicorn-54348.exe'
2025-03-14 16:23:41,296 [analyzer] DEBUG: Loaded monitor into process with pid 6632
2025-03-14 16:23:41,390 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44011.exe
2025-03-14 16:23:41,390 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48476.exe
2025-03-14 16:23:41,453 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65012.exe
2025-03-14 16:23:41,453 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12224.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3559.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 4480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12224.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12224.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6359.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 4048 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6359.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32645.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 4816 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13044.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3559.exe
2025-03-14 16:23:41,655 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-12224.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3559.exe
2025-03-14 16:23:41,655 [analyzer] INFO: Added new file to list with pid 3640 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3559.exe
2025-03-14 16:23:41,640 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6359.exe
2025-03-14 16:23:41,655 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20425.exe
2025-03-14 16:23:41,655 [analyzer] INFO: Added new file to list with pid 4008 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29572.exe
2025-03-14 16:23:41,717 [analyzer] INFO: Injected into process with pid 7304 and name u'Unicorn-59200.exe'
2025-03-14 16:23:41,828 [analyzer] INFO: Injected into process with pid 7348 and name u'Unicorn-30803.exe'
2025-03-14 16:23:41,812 [analyzer] INFO: Injected into process with pid 7280 and name u'Unicorn-39277.exe'
2025-03-14 16:23:41,812 [analyzer] DEBUG: Loaded monitor into process with pid 6228
2025-03-14 16:23:41,828 [analyzer] INFO: Injected into process with pid 7392 and name u'Unicorn-5015.exe'
2025-03-14 16:23:41,828 [analyzer] INFO: Injected into process with pid 7312 and name u'Unicorn-42664.exe'
2025-03-14 16:23:41,842 [analyzer] DEBUG: Loaded monitor into process with pid 6340
2025-03-14 16:23:41,983 [analyzer] DEBUG: Loaded monitor into process with pid 2392
2025-03-14 16:23:42,030 [analyzer] DEBUG: Loaded monitor into process with pid 1872
2025-03-14 16:23:42,030 [analyzer] DEBUG: Loaded monitor into process with pid 6888
2025-03-14 16:23:42,078 [analyzer] DEBUG: Loaded monitor into process with pid 6892
2025-03-14 16:23:42,140 [analyzer] DEBUG: Loaded monitor into process with pid 6700
2025-03-14 16:23:42,217 [analyzer] DEBUG: Loaded monitor into process with pid 988
2025-03-14 16:23:42,233 [analyzer] DEBUG: Loaded monitor into process with pid 2464
2025-03-14 16:23:42,265 [analyzer] DEBUG: Loaded monitor into process with pid 6896
2025-03-14 16:23:42,265 [analyzer] DEBUG: Loaded monitor into process with pid 1068
2025-03-14 16:23:42,280 [analyzer] DEBUG: Loaded monitor into process with pid 3012
2025-03-14 16:23:42,296 [analyzer] INFO: Added new file to list with pid 4376 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-11211.exe
2025-03-14 16:23:42,312 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57413.exe
2025-03-14 16:23:42,467 [analyzer] DEBUG: Loaded monitor into process with pid 2068
2025-03-14 16:23:42,592 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22172.exe
2025-03-14 16:23:42,671 [analyzer] INFO: Injected into process with pid 7524 and name u'Unicorn-31182.exe'
2025-03-14 16:23:42,812 [analyzer] INFO: Added new file to list with pid 356 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54461.exe
2025-03-14 16:23:42,812 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2659.exe
2025-03-14 16:23:42,953 [analyzer] DEBUG: Loaded monitor into process with pid 7280
2025-03-14 16:23:42,953 [analyzer] DEBUG: Loaded monitor into process with pid 7392
2025-03-14 16:23:43,000 [analyzer] DEBUG: Loaded monitor into process with pid 7348
2025-03-14 16:23:43,000 [analyzer] DEBUG: Loaded monitor into process with pid 7304
2025-03-14 16:23:43,000 [analyzer] DEBUG: Loaded monitor into process with pid 7312
2025-03-14 16:23:43,078 [analyzer] INFO: Injected into process with pid 7648 and name u'Unicorn-50928.exe'
2025-03-14 16:23:43,125 [analyzer] INFO: Injected into process with pid 7628 and name u'Unicorn-47200.exe'
2025-03-14 16:23:43,140 [analyzer] INFO: Injected into process with pid 7636 and name u'Unicorn-44930.exe'
2025-03-14 16:23:43,187 [analyzer] INFO: Added new file to list with pid 3304 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56904.exe
2025-03-14 16:23:43,203 [analyzer] INFO: Injected into process with pid 7676 and name u'Unicorn-48476.exe'
2025-03-14 16:23:43,217 [analyzer] INFO: Injected into process with pid 7684 and name u'Unicorn-44011.exe'
2025-03-14 16:23:43,312 [analyzer] DEBUG: Loaded monitor into process with pid 7524
2025-03-14 16:23:43,342 [analyzer] INFO: Injected into process with pid 7768 and name u'Unicorn-48476.exe'
2025-03-14 16:23:43,342 [analyzer] INFO: Injected into process with pid 7756 and name u'Unicorn-65012.exe'
2025-03-14 16:23:43,342 [analyzer] INFO: Injected into process with pid 7776 and name u'Unicorn-48476.exe'
2025-03-14 16:23:43,358 [analyzer] INFO: Injected into process with pid 7716 and name u'Unicorn-5.exe'
2025-03-14 16:23:43,467 [analyzer] DEBUG: Loaded monitor into process with pid 7648
2025-03-14 16:23:43,467 [analyzer] INFO: Injected into process with pid 7888 and name u'Unicorn-32645.exe'
2025-03-14 16:23:43,500 [analyzer] DEBUG: Loaded monitor into process with pid 7628
2025-03-14 16:23:43,500 [analyzer] INFO: Injected into process with pid 7968 and name u'Unicorn-29572.exe'
2025-03-14 16:23:43,500 [analyzer] INFO: Injected into process with pid 7928 and name u'Unicorn-12224.exe'
2025-03-14 16:23:43,500 [analyzer] INFO: Injected into process with pid 7960 and name u'Unicorn-20425.exe'
2025-03-14 16:23:43,515 [analyzer] INFO: Injected into process with pid 7948 and name u'Unicorn-6359.exe'
2025-03-14 16:23:43,515 [analyzer] INFO: Injected into process with pid 7916 and name u'Unicorn-13044.exe'
2025-03-14 16:23:43,530 [analyzer] INFO: Injected into process with pid 7940 and name u'Unicorn-3559.exe'
2025-03-14 16:23:43,546 [analyzer] INFO: Injected into process with pid 4716 and name u'Unicorn-57413.exe'
2025-03-14 16:23:43,546 [analyzer] INFO: Injected into process with pid 8188 and name u'Unicorn-11211.exe'
2025-03-14 16:23:43,608 [analyzer] DEBUG: Loaded monitor into process with pid 7636
2025-03-14 16:23:43,640 [analyzer] DEBUG: Loaded monitor into process with pid 7676
2025-03-14 16:23:43,687 [analyzer] INFO: Injected into process with pid 2452 and name u'Unicorn-22172.exe'
2025-03-14 16:23:43,687 [analyzer] DEBUG: Loaded monitor into process with pid 7684
2025-03-14 16:23:43,687 [analyzer] INFO: Injected into process with pid 2880 and name u'Unicorn-22172.exe'
2025-03-14 16:23:43,703 [analyzer] INFO: Injected into process with pid 5180 and name u'Unicorn-22172.exe'
2025-03-14 16:23:43,703 [analyzer] INFO: Added new file to list with pid 4084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7511.exe
2025-03-14 16:23:43,703 [analyzer] INFO: Added new file to list with pid 324 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53713.exe
2025-03-14 16:23:43,717 [analyzer] INFO: Injected into process with pid 7276 and name u'Unicorn-54461.exe'
2025-03-14 16:23:43,717 [analyzer] INFO: Injected into process with pid 7292 and name u'Unicorn-54461.exe'
2025-03-14 16:23:43,717 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-4711.exe
2025-03-14 16:23:43,717 [analyzer] INFO: Injected into process with pid 7376 and name u'Unicorn-54461.exe'
2025-03-14 16:23:43,717 [analyzer] INFO: Added new file to list with pid 4516 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-59313.exe
2025-03-14 16:23:43,733 [analyzer] INFO: Injected into process with pid 2780 and name u'Unicorn-2659.exe'
2025-03-14 16:23:43,780 [analyzer] INFO: Added new file to list with pid 3360 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37383.exe
2025-03-14 16:23:43,780 [analyzer] INFO: Added new file to list with pid 3720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26448.exe
2025-03-14 16:23:44,062 [analyzer] DEBUG: Loaded monitor into process with pid 7776
2025-03-14 16:23:44,092 [analyzer] DEBUG: Loaded monitor into process with pid 7716
2025-03-14 16:23:44,108 [analyzer] DEBUG: Loaded monitor into process with pid 7756
2025-03-14 16:23:44,125 [analyzer] INFO: Injected into process with pid 7564 and name u'Unicorn-56904.exe'
2025-03-14 16:23:44,125 [analyzer] DEBUG: Loaded monitor into process with pid 7768
2025-03-14 16:23:44,171 [analyzer] DEBUG: Loaded monitor into process with pid 7948
2025-03-14 16:23:44,312 [analyzer] INFO: Injected into process with pid 2012 and name u'Unicorn-26448.exe'
2025-03-14 16:23:44,312 [analyzer] INFO: Injected into process with pid 1936 and name u'Unicorn-37383.exe'
2025-03-14 16:23:44,375 [analyzer] DEBUG: Loaded monitor into process with pid 7968
2025-03-14 16:23:44,405 [analyzer] DEBUG: Loaded monitor into process with pid 7940
2025-03-14 16:23:44,405 [analyzer] DEBUG: Loaded monitor into process with pid 7928
2025-03-14 16:23:44,405 [analyzer] DEBUG: Loaded monitor into process with pid 2880
2025-03-14 16:23:44,405 [analyzer] DEBUG: Loaded monitor into process with pid 8188
2025-03-14 16:23:44,405 [analyzer] DEBUG: Loaded monitor into process with pid 7916
2025-03-14 16:23:44,437 [analyzer] DEBUG: Loaded monitor into process with pid 7960
2025-03-14 16:23:44,437 [analyzer] DEBUG: Loaded monitor into process with pid 7888
2025-03-14 16:23:44,467 [analyzer] INFO: Injected into process with pid 8148 and name u'Unicorn-53713.exe'
2025-03-14 16:23:44,467 [analyzer] INFO: Injected into process with pid 8032 and name u'Unicorn-7511.exe'
2025-03-14 16:23:44,467 [analyzer] INFO: Injected into process with pid 7500 and name u'Unicorn-59313.exe'
2025-03-14 16:23:44,467 [analyzer] DEBUG: Loaded monitor into process with pid 7564
2025-03-14 16:23:44,546 [analyzer] INFO: Injected into process with pid 8184 and name u'Unicorn-4711.exe'
2025-03-14 16:23:44,562 [analyzer] DEBUG: Loaded monitor into process with pid 4716
2025-03-14 16:23:44,655 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-13508.exe
2025-03-14 16:23:44,655 [analyzer] DEBUG: Loaded monitor into process with pid 7376
2025-03-14 16:23:44,750 [analyzer] DEBUG: Loaded monitor into process with pid 7292
2025-03-14 16:23:44,842 [analyzer] DEBUG: Loaded monitor into process with pid 2780
2025-03-14 16:23:44,842 [analyzer] DEBUG: Loaded monitor into process with pid 7500
2025-03-14 16:23:44,875 [analyzer] DEBUG: Loaded monitor into process with pid 8032
2025-03-14 16:23:44,890 [analyzer] DEBUG: Loaded monitor into process with pid 1936
2025-03-14 16:23:44,905 [analyzer] DEBUG: Loaded monitor into process with pid 7276
2025-03-14 16:23:44,953 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-5539.exe
2025-03-14 16:23:44,983 [analyzer] DEBUG: Loaded monitor into process with pid 8148
2025-03-14 16:23:45,000 [analyzer] DEBUG: Loaded monitor into process with pid 8184
2025-03-14 16:23:45,000 [analyzer] DEBUG: Loaded monitor into process with pid 2012
2025-03-14 16:23:45,062 [analyzer] DEBUG: Loaded monitor into process with pid 5180
2025-03-14 16:23:45,108 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6996.exe
2025-03-14 16:23:45,125 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55700.exe
2025-03-14 16:23:45,171 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14660.exe
2025-03-14 16:23:45,171 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39164.exe
2025-03-14 16:23:45,250 [analyzer] DEBUG: Loaded monitor into process with pid 2452
2025-03-14 16:23:45,437 [analyzer] INFO: Injected into process with pid 572 and name u'Unicorn-13508.exe'
2025-03-14 16:23:45,828 [analyzer] INFO: Injected into process with pid 8200 and name u'Unicorn-5539.exe'
2025-03-14 16:23:45,890 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-17275.exe
2025-03-14 16:23:45,921 [analyzer] INFO: Injected into process with pid 8236 and name u'Unicorn-6996.exe'
2025-03-14 16:23:46,000 [analyzer] INFO: Injected into process with pid 8332 and name u'Unicorn-55700.exe'
2025-03-14 16:23:46,000 [analyzer] INFO: Injected into process with pid 8244 and name u'Unicorn-55700.exe'
2025-03-14 16:23:46,078 [analyzer] INFO: Injected into process with pid 8300 and name u'Unicorn-14660.exe'
2025-03-14 16:23:46,092 [analyzer] INFO: Injected into process with pid 8308 and name u'Unicorn-39164.exe'
2025-03-14 16:23:46,092 [analyzer] INFO: Injected into process with pid 8292 and name u'Unicorn-14660.exe'
2025-03-14 16:23:46,108 [analyzer] INFO: Injected into process with pid 8316 and name u'Unicorn-6996.exe'
2025-03-14 16:23:46,108 [analyzer] DEBUG: Loaded monitor into process with pid 572
2025-03-14 16:23:46,280 [analyzer] INFO: Injected into process with pid 8488 and name u'Unicorn-17275.exe'
2025-03-14 16:23:46,342 [analyzer] DEBUG: Loaded monitor into process with pid 8200
2025-03-14 16:23:46,405 [analyzer] DEBUG: Loaded monitor into process with pid 8292
2025-03-14 16:23:46,467 [analyzer] DEBUG: Loaded monitor into process with pid 8236
2025-03-14 16:23:46,530 [analyzer] DEBUG: Loaded monitor into process with pid 8332
2025-03-14 16:23:46,562 [analyzer] DEBUG: Loaded monitor into process with pid 8244
2025-03-14 16:23:46,671 [analyzer] DEBUG: Loaded monitor into process with pid 8300
2025-03-14 16:23:46,687 [analyzer] DEBUG: Loaded monitor into process with pid 8308
2025-03-14 16:23:46,765 [analyzer] DEBUG: Loaded monitor into process with pid 8316
2025-03-14 16:23:46,858 [analyzer] DEBUG: Loaded monitor into process with pid 8488
2025-03-14 16:23:53,265 [analyzer] INFO: Added new file to list with pid 3828 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54402.exe
2025-03-14 16:23:53,671 [analyzer] INFO: Injected into process with pid 8628 and name u'Unicorn-54402.exe'
2025-03-14 16:23:53,890 [analyzer] DEBUG: Loaded monitor into process with pid 8628
2025-03-14 16:23:56,358 [analyzer] INFO: Added new file to list with pid 4664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15600.exe
2025-03-14 16:23:56,358 [analyzer] INFO: Added new file to list with pid 3872 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61537.exe
2025-03-14 16:23:56,453 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43884.exe
2025-03-14 16:23:56,453 [analyzer] INFO: Added new file to list with pid 3608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43884.exe
2025-03-14 16:23:56,453 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43884.exe
2025-03-14 16:23:56,467 [analyzer] INFO: Added new file to list with pid 1720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-22883.exe
2025-03-14 16:23:56,467 [analyzer] INFO: Added new file to list with pid 3396 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32948.exe
2025-03-14 16:23:56,467 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-43884.exe
2025-03-14 16:23:56,467 [analyzer] INFO: Added new file to list with pid 3708 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46684.exe
2025-03-14 16:23:56,483 [analyzer] INFO: Added new file to list with pid 4616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52549.exe
2025-03-14 16:23:56,483 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-52549.exe
2025-03-14 16:23:56,483 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46684.exe
2025-03-14 16:23:56,500 [analyzer] INFO: Added new file to list with pid 3140 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-46684.exe
2025-03-14 16:23:56,562 [analyzer] INFO: Added new file to list with pid 1084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-44414.exe
2025-03-14 16:23:56,578 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27348.exe
2025-03-14 16:23:56,671 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8920.exe
2025-03-14 16:23:56,796 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18223.exe
2025-03-14 16:23:56,796 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47889.exe
2025-03-14 16:23:56,858 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-29416.exe
2025-03-14 16:23:56,937 [analyzer] INFO: Added new file to list with pid 2616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-7081.exe
2025-03-14 16:23:57,000 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6544.exe
2025-03-14 16:23:57,015 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23609.exe
2025-03-14 16:24:03,467 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18415.exe
2025-03-14 16:24:03,483 [analyzer] INFO: Injected into process with pid 8680 and name u'Unicorn-61537.exe'
2025-03-14 16:24:03,562 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20526.exe
2025-03-14 16:24:03,562 [analyzer] INFO: Injected into process with pid 8672 and name u'Unicorn-15600.exe'
2025-03-14 16:24:04,030 [analyzer] INFO: Added new file to list with pid 3764 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55532.exe
2025-03-14 16:24:04,030 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53262.exe
2025-03-14 16:24:04,030 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36196.exe
2025-03-14 16:24:04,062 [analyzer] INFO: Added new file to list with pid 4084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61397.exe
2025-03-14 16:24:04,108 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51448.exe
2025-03-14 16:24:04,171 [analyzer] INFO: Injected into process with pid 8720 and name u'Unicorn-22883.exe'
2025-03-14 16:24:04,171 [analyzer] INFO: Added new file to list with pid 4376 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57313.exe
2025-03-14 16:24:04,187 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-57313.exe
2025-03-14 16:24:04,187 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-49178.exe
2025-03-14 16:24:04,203 [analyzer] INFO: Injected into process with pid 8752 and name u'Unicorn-46684.exe'
2025-03-14 16:24:04,203 [analyzer] INFO: Added new file to list with pid 4196 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-61662.exe
2025-03-14 16:24:04,233 [analyzer] INFO: Added new file to list with pid 356 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47364.exe
2025-03-14 16:24:04,250 [analyzer] INFO: Injected into process with pid 8776 and name u'Unicorn-44414.exe'
2025-03-14 16:24:04,342 [analyzer] INFO: Added new file to list with pid 3708 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8304.exe
2025-03-14 16:24:04,342 [analyzer] INFO: Added new file to list with pid 4616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-65176.exe
2025-03-14 16:24:04,375 [analyzer] INFO: Added new file to list with pid 3608 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48640.exe
2025-03-14 16:24:04,421 [analyzer] INFO: Injected into process with pid 8744 and name u'Unicorn-43884.exe'
2025-03-14 16:24:04,421 [analyzer] INFO: Injected into process with pid 8728 and name u'Unicorn-32948.exe'
2025-03-14 16:24:04,437 [analyzer] INFO: Injected into process with pid 8736 and name u'Unicorn-52549.exe'
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 4008 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40348.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21012.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37547.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 2996 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21012.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-16547.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40348.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37547.exe
2025-03-14 16:24:04,733 [analyzer] INFO: Injected into process with pid 8760 and name u'Unicorn-43884.exe'
2025-03-14 16:24:04,765 [analyzer] INFO: Injected into process with pid 8768 and name u'Unicorn-32948.exe'
2025-03-14 16:24:04,780 [analyzer] INFO: Injected into process with pid 8784 and name u'Unicorn-27348.exe'
2025-03-14 16:24:04,983 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37156.exe
2025-03-14 16:24:05,000 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53692.exe
2025-03-14 16:24:05,030 [analyzer] DEBUG: Loaded monitor into process with pid 8680
2025-03-14 16:24:05,030 [analyzer] INFO: Injected into process with pid 8976 and name u'Unicorn-47889.exe'
2025-03-14 16:24:05,062 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50138.exe
2025-03-14 16:24:05,078 [analyzer] INFO: Injected into process with pid 8936 and name u'Unicorn-8920.exe'
2025-03-14 16:24:05,108 [analyzer] DEBUG: Loaded monitor into process with pid 8672
2025-03-14 16:24:05,296 [analyzer] DEBUG: Loaded monitor into process with pid 8720
2025-03-14 16:24:05,312 [analyzer] DEBUG: Loaded monitor into process with pid 8744
2025-03-14 16:24:05,375 [analyzer] DEBUG: Loaded monitor into process with pid 8776
2025-03-14 16:24:05,405 [analyzer] INFO: Injected into process with pid 8984 and name u'Unicorn-18223.exe'
2025-03-14 16:24:05,421 [analyzer] DEBUG: Loaded monitor into process with pid 8728
2025-03-14 16:24:05,421 [analyzer] DEBUG: Loaded monitor into process with pid 8736
2025-03-14 16:24:05,421 [analyzer] DEBUG: Loaded monitor into process with pid 8752
2025-03-14 16:24:05,453 [analyzer] INFO: Added new file to list with pid 4480 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42392.exe
2025-03-14 16:24:05,625 [analyzer] DEBUG: Loaded monitor into process with pid 8768
2025-03-14 16:24:05,687 [analyzer] DEBUG: Loaded monitor into process with pid 8784
2025-03-14 16:24:05,733 [analyzer] DEBUG: Loaded monitor into process with pid 8760
2025-03-14 16:24:06,000 [analyzer] INFO: Injected into process with pid 9000 and name u'Unicorn-29416.exe'
2025-03-14 16:24:06,046 [analyzer] INFO: Injected into process with pid 9100 and name u'Unicorn-7081.exe'
2025-03-14 16:24:06,046 [analyzer] INFO: Injected into process with pid 9212 and name u'Unicorn-20526.exe'
2025-03-14 16:24:06,046 [analyzer] INFO: Injected into process with pid 9200 and name u'Unicorn-18415.exe'
2025-03-14 16:24:06,155 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64085.exe
2025-03-14 16:24:06,155 [analyzer] INFO: Injected into process with pid 8880 and name u'Unicorn-61397.exe'
2025-03-14 16:24:06,155 [analyzer] INFO: Injected into process with pid 9152 and name u'Unicorn-6544.exe'
2025-03-14 16:24:06,187 [analyzer] DEBUG: Loaded monitor into process with pid 8976
2025-03-14 16:24:06,250 [analyzer] INFO: Injected into process with pid 9160 and name u'Unicorn-23609.exe'
2025-03-14 16:24:06,250 [analyzer] DEBUG: Loaded monitor into process with pid 8936
2025-03-14 16:24:06,280 [analyzer] INFO: Injected into process with pid 8400 and name u'Unicorn-53262.exe'
2025-03-14 16:24:06,280 [analyzer] INFO: Injected into process with pid 8404 and name u'Unicorn-61397.exe'
2025-03-14 16:24:06,312 [analyzer] INFO: Injected into process with pid 8376 and name u'Unicorn-55532.exe'
2025-03-14 16:24:06,312 [analyzer] INFO: Injected into process with pid 8356 and name u'Unicorn-36196.exe'
2025-03-14 16:24:06,312 [analyzer] INFO: Injected into process with pid 8288 and name u'Unicorn-55532.exe'
2025-03-14 16:24:06,342 [analyzer] INFO: Injected into process with pid 8352 and name u'Unicorn-53262.exe'
2025-03-14 16:24:06,358 [analyzer] INFO: Injected into process with pid 8648 and name u'Unicorn-51448.exe'
2025-03-14 16:24:06,358 [analyzer] INFO: Injected into process with pid 8548 and name u'Unicorn-51448.exe'
2025-03-14 16:24:06,358 [analyzer] INFO: Injected into process with pid 8384 and name u'Unicorn-53262.exe'
2025-03-14 16:24:06,358 [analyzer] INFO: Injected into process with pid 8500 and name u'Unicorn-51448.exe'
2025-03-14 16:24:06,390 [analyzer] INFO: Injected into process with pid 8884 and name u'Unicorn-55532.exe'
2025-03-14 16:24:06,421 [analyzer] INFO: Injected into process with pid 8860 and name u'Unicorn-36196.exe'
2025-03-14 16:24:06,421 [analyzer] INFO: Injected into process with pid 8640 and name u'Unicorn-53262.exe'
2025-03-14 16:24:06,437 [analyzer] DEBUG: Loaded monitor into process with pid 8984
2025-03-14 16:24:06,671 [analyzer] INFO: Injected into process with pid 8892 and name u'Unicorn-61397.exe'
2025-03-14 16:24:06,750 [analyzer] INFO: Injected into process with pid 9168 and name u'Unicorn-49178.exe'
2025-03-14 16:24:06,750 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39806.exe
2025-03-14 16:24:06,812 [analyzer] INFO: Injected into process with pid 8972 and name u'Unicorn-61662.exe'
2025-03-14 16:24:06,812 [analyzer] INFO: Injected into process with pid 1400 and name u'Unicorn-57313.exe'
2025-03-14 16:24:06,828 [analyzer] INFO: Injected into process with pid 8996 and name u'Unicorn-47364.exe'
2025-03-14 16:24:06,875 [analyzer] DEBUG: Loaded monitor into process with pid 9212
2025-03-14 16:24:06,921 [analyzer] DEBUG: Loaded monitor into process with pid 9000
2025-03-14 16:24:06,937 [analyzer] DEBUG: Loaded monitor into process with pid 9100
2025-03-14 16:24:06,953 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-54647.exe
2025-03-14 16:24:06,967 [analyzer] DEBUG: Loaded monitor into process with pid 8404
2025-03-14 16:24:06,983 [analyzer] DEBUG: Loaded monitor into process with pid 8356
2025-03-14 16:24:06,983 [analyzer] DEBUG: Loaded monitor into process with pid 8880
2025-03-14 16:24:06,983 [analyzer] INFO: Injected into process with pid 9504 and name u'Unicorn-40348.exe'
2025-03-14 16:24:07,000 [analyzer] INFO: Injected into process with pid 9464 and name u'Unicorn-21012.exe'
2025-03-14 16:24:07,000 [analyzer] INFO: Injected into process with pid 9260 and name u'Unicorn-48640.exe'
2025-03-14 16:24:07,015 [analyzer] INFO: Injected into process with pid 9268 and name u'Unicorn-8304.exe'
2025-03-14 16:24:07,015 [analyzer] INFO: Injected into process with pid 9252 and name u'Unicorn-48640.exe'
2025-03-14 16:24:07,015 [analyzer] INFO: Injected into process with pid 9484 and name u'Unicorn-16547.exe'
2025-03-14 16:24:07,030 [analyzer] DEBUG: Loaded monitor into process with pid 8352
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 9244 and name u'Unicorn-48640.exe'
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 9680 and name u'Unicorn-50138.exe'
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 9236 and name u'Unicorn-65176.exe'
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 9620 and name u'Unicorn-53692.exe'
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 9496 and name u'Unicorn-37547.exe'
2025-03-14 16:24:07,030 [analyzer] INFO: Injected into process with pid 3040 and name u'Unicorn-55532.exe'
2025-03-14 16:24:07,046 [analyzer] DEBUG: Loaded monitor into process with pid 9200
2025-03-14 16:24:07,092 [analyzer] INFO: Injected into process with pid 9228 and name u'Unicorn-8304.exe'
2025-03-14 16:24:07,171 [analyzer] DEBUG: Loaded monitor into process with pid 8288
2025-03-14 16:24:07,171 [analyzer] DEBUG: Loaded monitor into process with pid 9152
2025-03-14 16:24:07,171 [analyzer] DEBUG: Loaded monitor into process with pid 9160
2025-03-14 16:24:07,203 [analyzer] DEBUG: Loaded monitor into process with pid 8972
2025-03-14 16:24:07,421 [analyzer] DEBUG: Loaded monitor into process with pid 8376
2025-03-14 16:24:07,421 [analyzer] DEBUG: Loaded monitor into process with pid 8648
2025-03-14 16:24:07,421 [analyzer] DEBUG: Loaded monitor into process with pid 8400
2025-03-14 16:24:07,421 [analyzer] INFO: Injected into process with pid 9612 and name u'Unicorn-37156.exe'
2025-03-14 16:24:07,437 [analyzer] DEBUG: Loaded monitor into process with pid 1400
2025-03-14 16:24:07,453 [analyzer] INFO: Injected into process with pid 9880 and name u'Unicorn-42392.exe'
2025-03-14 16:24:07,530 [analyzer] DEBUG: Loaded monitor into process with pid 8548
2025-03-14 16:24:07,546 [analyzer] DEBUG: Loaded monitor into process with pid 8500
2025-03-14 16:24:07,546 [analyzer] INFO: Added new file to list with pid 3724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-32406.exe
2025-03-14 16:24:07,625 [analyzer] DEBUG: Loaded monitor into process with pid 8860
2025-03-14 16:24:07,640 [analyzer] DEBUG: Loaded monitor into process with pid 8640
2025-03-14 16:24:07,655 [analyzer] INFO: Injected into process with pid 10068 and name u'Unicorn-64085.exe'
2025-03-14 16:24:07,703 [analyzer] DEBUG: Loaded monitor into process with pid 8892
2025-03-14 16:24:07,717 [analyzer] DEBUG: Loaded monitor into process with pid 8884
2025-03-14 16:24:07,733 [analyzer] INFO: Added new file to list with pid 4376 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-2519.exe
2025-03-14 16:24:07,812 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23661.exe
2025-03-14 16:24:07,812 [analyzer] INFO: Added new file to list with pid 4048 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23131.exe
2025-03-14 16:24:07,828 [analyzer] DEBUG: Loaded monitor into process with pid 9620
2025-03-14 16:24:07,875 [analyzer] DEBUG: Loaded monitor into process with pid 9168
2025-03-14 16:24:07,890 [analyzer] DEBUG: Loaded monitor into process with pid 9236
2025-03-14 16:24:07,921 [analyzer] DEBUG: Loaded monitor into process with pid 9680
2025-03-14 16:24:07,937 [analyzer] DEBUG: Loaded monitor into process with pid 9484
2025-03-14 16:24:08,092 [analyzer] DEBUG: Loaded monitor into process with pid 9228
2025-03-14 16:24:08,092 [analyzer] DEBUG: Loaded monitor into process with pid 8996
2025-03-14 16:24:08,108 [analyzer] DEBUG: Loaded monitor into process with pid 9252
2025-03-14 16:24:08,108 [analyzer] DEBUG: Loaded monitor into process with pid 9268
2025-03-14 16:24:08,125 [analyzer] DEBUG: Loaded monitor into process with pid 9260
2025-03-14 16:24:08,125 [analyzer] DEBUG: Loaded monitor into process with pid 9504
2025-03-14 16:24:08,125 [analyzer] DEBUG: Loaded monitor into process with pid 9244
2025-03-14 16:24:08,140 [analyzer] DEBUG: Loaded monitor into process with pid 9464
2025-03-14 16:24:08,155 [analyzer] DEBUG: Loaded monitor into process with pid 9496
2025-03-14 16:24:08,171 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-23124.exe
2025-03-14 16:24:08,203 [analyzer] INFO: Added new file to list with pid 4008 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-48325.exe
2025-03-14 16:24:08,203 [analyzer] INFO: Injected into process with pid 9092 and name u'Unicorn-39806.exe'
2025-03-14 16:24:08,217 [analyzer] INFO: Added new file to list with pid 3828 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28724.exe
2025-03-14 16:24:08,217 [analyzer] DEBUG: Loaded monitor into process with pid 3040
2025-03-14 16:24:08,217 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-40190.exe
2025-03-14 16:24:08,217 [analyzer] DEBUG: Loaded monitor into process with pid 8384
2025-03-14 16:24:08,453 [analyzer] INFO: Injected into process with pid 8448 and name u'Unicorn-54647.exe'
2025-03-14 16:24:08,515 [analyzer] DEBUG: Loaded monitor into process with pid 9612
2025-03-14 16:24:08,592 [analyzer] DEBUG: Loaded monitor into process with pid 9880
2025-03-14 16:24:08,625 [analyzer] DEBUG: Loaded monitor into process with pid 10068
2025-03-14 16:24:08,671 [analyzer] INFO: Injected into process with pid 1408 and name u'Unicorn-32406.exe'
2025-03-14 16:24:08,796 [analyzer] DEBUG: Loaded monitor into process with pid 9092
2025-03-14 16:24:08,796 [analyzer] INFO: Added new file to list with pid 5616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36878.exe
2025-03-14 16:24:08,828 [analyzer] INFO: Injected into process with pid 9452 and name u'Unicorn-2519.exe'
2025-03-14 16:24:08,842 [analyzer] INFO: Injected into process with pid 9436 and name u'Unicorn-23131.exe'
2025-03-14 16:24:08,858 [analyzer] INFO: Injected into process with pid 9892 and name u'Unicorn-23661.exe'
2025-03-14 16:24:08,983 [analyzer] DEBUG: Loaded monitor into process with pid 8448
2025-03-14 16:24:08,983 [analyzer] INFO: Injected into process with pid 9756 and name u'Unicorn-40190.exe'
2025-03-14 16:24:09,000 [analyzer] INFO: Injected into process with pid 9716 and name u'Unicorn-23124.exe'
2025-03-14 16:24:09,015 [analyzer] INFO: Injected into process with pid 10028 and name u'Unicorn-28724.exe'
2025-03-14 16:24:09,078 [analyzer] INFO: Injected into process with pid 9728 and name u'Unicorn-48325.exe'
2025-03-14 16:24:09,217 [analyzer] DEBUG: Loaded monitor into process with pid 1408
2025-03-14 16:24:09,421 [analyzer] DEBUG: Loaded monitor into process with pid 9892
2025-03-14 16:24:09,421 [analyzer] DEBUG: Loaded monitor into process with pid 9436
2025-03-14 16:24:09,437 [analyzer] DEBUG: Loaded monitor into process with pid 9716
2025-03-14 16:24:09,453 [analyzer] DEBUG: Loaded monitor into process with pid 9756
2025-03-14 16:24:09,483 [analyzer] DEBUG: Loaded monitor into process with pid 9452
2025-03-14 16:24:09,483 [analyzer] DEBUG: Loaded monitor into process with pid 10028
2025-03-14 16:24:09,515 [analyzer] INFO: Injected into process with pid 8416 and name u'Unicorn-36878.exe'
2025-03-14 16:24:09,671 [analyzer] DEBUG: Loaded monitor into process with pid 9728
2025-03-14 16:24:09,937 [analyzer] DEBUG: Loaded monitor into process with pid 8416
2025-03-14 16:24:16,812 [analyzer] INFO: Added new file to list with pid 4308 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6893.exe
2025-03-14 16:24:17,312 [analyzer] INFO: Injected into process with pid 9808 and name u'Unicorn-6893.exe'
2025-03-14 16:24:25,717 [analyzer] DEBUG: Loaded monitor into process with pid 9808
2025-03-14 16:24:26,967 [analyzer] INFO: Added new file to list with pid 2972 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-27924.exe
2025-03-14 16:24:26,967 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50060.exe
2025-03-14 16:24:26,967 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8548.exe
2025-03-14 16:24:26,983 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62504.exe
2025-03-14 16:24:27,155 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28768.exe
2025-03-14 16:24:27,187 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36000.exe
2025-03-14 16:24:27,217 [analyzer] INFO: Added new file to list with pid 3080 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50631.exe
2025-03-14 16:24:27,217 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14760.exe
2025-03-14 16:24:27,265 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8895.exe
2025-03-14 16:24:27,265 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6095.exe
2025-03-14 16:24:27,312 [analyzer] INFO: Added new file to list with pid 2584 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-45296.exe
2025-03-14 16:24:27,358 [analyzer] INFO: Added new file to list with pid 3924 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55097.exe
2025-03-14 16:24:27,467 [analyzer] INFO: Added new file to list with pid 3392 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-6592.exe
2025-03-14 16:24:27,500 [analyzer] INFO: Added new file to list with pid 3416 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63994.exe
2025-03-14 16:24:27,530 [analyzer] INFO: Added new file to list with pid 4084 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63464.exe
2025-03-14 16:24:27,546 [analyzer] INFO: Added new file to list with pid 2108 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42463.exe
2025-03-14 16:24:27,780 [analyzer] INFO: Added new file to list with pid 2448 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62500.exe
2025-03-14 16:24:27,828 [analyzer] INFO: Added new file to list with pid 4664 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38576.exe
2025-03-14 16:24:27,858 [analyzer] INFO: Added new file to list with pid 3348 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-30407.exe
2025-03-14 16:24:27,858 [analyzer] INFO: Added new file to list with pid 4196 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-19472.exe
2025-03-14 16:24:27,890 [analyzer] INFO: Added new file to list with pid 356 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-39073.exe
2025-03-14 16:24:27,937 [analyzer] INFO: Added new file to list with pid 3552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-55442.exe
2025-03-14 16:24:27,937 [analyzer] INFO: Added new file to list with pid 3188 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-38376.exe
2025-03-14 16:24:27,967 [analyzer] INFO: Added new file to list with pid 4244 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-63577.exe
2025-03-14 16:24:28,030 [analyzer] INFO: Added new file to list with pid 1364 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-28576.exe
2025-03-14 16:24:28,062 [analyzer] INFO: Added new file to list with pid 4816 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-51325.exe
2025-03-14 16:24:28,078 [analyzer] INFO: Added new file to list with pid 4076 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-26124.exe
2025-03-14 16:24:28,092 [analyzer] INFO: Added new file to list with pid 3444 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21659.exe
2025-03-14 16:24:28,108 [analyzer] INFO: Added new file to list with pid 3548 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-42660.exe
2025-03-14 16:24:28,280 [analyzer] INFO: Injected into process with pid 10144 and name u'Unicorn-62504.exe'
2025-03-14 16:24:28,280 [analyzer] INFO: Injected into process with pid 8220 and name u'Unicorn-27924.exe'
2025-03-14 16:24:28,280 [analyzer] INFO: Injected into process with pid 8280 and name u'Unicorn-8548.exe'
2025-03-14 16:24:28,280 [analyzer] INFO: Injected into process with pid 10084 and name u'Unicorn-50060.exe'
2025-03-14 16:24:28,312 [analyzer] INFO: Injected into process with pid 2388 and name u'Unicorn-28768.exe'
2025-03-14 16:24:28,312 [analyzer] INFO: Injected into process with pid 1628 and name u'Unicorn-36000.exe'
2025-03-14 16:24:28,342 [analyzer] INFO: Injected into process with pid 2944 and name u'Unicorn-14760.exe'
2025-03-14 16:24:28,342 [analyzer] INFO: Injected into process with pid 2428 and name u'Unicorn-6095.exe'
2025-03-14 16:24:28,342 [analyzer] INFO: Injected into process with pid 9912 and name u'Unicorn-8895.exe'
2025-03-14 16:24:28,358 [analyzer] INFO: Injected into process with pid 2472 and name u'Unicorn-14760.exe'
2025-03-14 16:24:28,483 [analyzer] INFO: Added new file to list with pid 5616 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-204.exe
2025-03-14 16:24:28,500 [analyzer] INFO: Added new file to list with pid 3708 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15223.exe
2025-03-14 16:24:28,515 [analyzer] INFO: Added new file to list with pid 3772 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-15753.exe
2025-03-14 16:24:28,562 [analyzer] INFO: Added new file to list with pid 2436 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-8732.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 4008 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35067.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14067.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3424 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14067.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3788 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14067.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3528 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35067.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-35598.exe
2025-03-14 16:24:28,578 [analyzer] INFO: Added new file to list with pid 3828 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-37868.exe
2025-03-14 16:24:28,592 [analyzer] INFO: Added new file to list with pid 4048 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-18532.exe
2025-03-14 16:24:31,203 [analyzer] INFO: Added new file to list with pid 4308 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-14568.exe
2025-03-14 16:24:31,640 [analyzer] INFO: Added new file to list with pid 3472 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-47984.exe
2025-03-14 16:24:31,655 [analyzer] INFO: Added new file to list with pid 3696 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53319.exe
2025-03-14 16:24:41,155 [analyzer] INFO: Added new file to list with pid 3328 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36807.exe
2025-03-14 16:24:41,890 [analyzer] INFO: Added new file to list with pid 1944 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-50997.exe
2025-03-14 16:24:41,890 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36996.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36996.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-36996.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 4724 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-3660.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 4124 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-56332.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 3980 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-62197.exe
2025-03-14 16:24:41,905 [analyzer] INFO: Added new file to list with pid 3720 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-53532.exe
2025-03-14 16:24:41,921 [analyzer] INFO: Added new file to list with pid 3032 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-31396.exe
2025-03-14 16:24:42,030 [analyzer] INFO: Added new file to list with pid 4552 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-21627.exe
2025-03-14 16:24:45,000 [analyzer] INFO: Added new file to list with pid 4036 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-64534.exe
2025-03-14 16:24:45,078 [analyzer] INFO: Added new file to list with pid 4792 and path C:\Users\Administrator\AppData\Local\Temp\Unicorn-20377.exe
2025-03-14 16:26:20,453 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-03-14 16:26:44,171 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-03-14 16:26:44,171 [lib.api.process] INFO: Successfully terminated process with pid 1944.
2025-03-14 16:26:44,171 [lib.api.process] INFO: Successfully terminated process with pid 2972.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 3032.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 1720.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2448.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 1364.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2584.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 1084.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2616.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2436.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 324.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2996.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 3080.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2236.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 2108.
2025-03-14 16:26:44,187 [lib.api.process] INFO: Successfully terminated process with pid 3172.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3328.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3360.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3424.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3416.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3472.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3480.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3552.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3608.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3640.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3696.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3724.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3772.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3788.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3840.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3924.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3968.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 4036.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 4076.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 4084.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3188.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3348.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3392.
2025-03-14 16:26:44,203 [lib.api.process] INFO: Successfully terminated process with pid 3444.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3548.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3720.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3752.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3872.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 4008.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3980.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3304.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 356.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3140.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3708.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3764.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 4048.
2025-03-14 16:26:44,217 [lib.api.process] INFO: Successfully terminated process with pid 3396.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 3528.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 3828.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4124.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4196.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4244.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4308.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4376.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4432.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4480.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4516.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4552.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4616.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4664.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4724.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4792.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4816.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4880.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4912.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4948.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 5020.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 5012.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 5060.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 5076.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4100.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4140.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 4224.
2025-03-14 16:26:44,233 [lib.api.process] INFO: Successfully terminated process with pid 2248.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4448.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4568.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4632.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4680.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4768.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4780.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4772.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4936.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5040.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 2684.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4164.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4492.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4744.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4136.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 640.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4844.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4944.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 4972.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5144.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5184.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5200.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5292.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5408.
2025-03-14 16:26:44,250 [lib.api.process] INFO: Successfully terminated process with pid 5436.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5416.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5484.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5460.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5600.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5688.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5712.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5812.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5848.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5872.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5880.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5904.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5912.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 5984.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 6076.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 6096.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 4848.
2025-03-14 16:26:44,265 [lib.api.process] INFO: Successfully terminated process with pid 6136.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5208.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 4400.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5196.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5312.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5524.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5472.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5592.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5616.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5724.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5568.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5588.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5708.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5792.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 5840.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 1352.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 2508.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6208.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6276.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6308.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6300.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6316.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6332.
2025-03-14 16:26:44,280 [lib.api.process] INFO: Successfully terminated process with pid 6412.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6396.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6420.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6640.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6664.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6720.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6752.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6728.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6768.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6864.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6920.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6980.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 7024.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 7060.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 7068.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 580.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6188.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6180.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6360.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6452.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6516.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6532.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6776.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 6852.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 2460.
2025-03-14 16:26:44,296 [lib.api.process] INFO: Successfully terminated process with pid 7080.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7104.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7048.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7100.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 800.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6632.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6340.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6228.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 3012.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 1872.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6700.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6892.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 988.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 2392.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 1068.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6888.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 2068.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 6896.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 2464.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7280.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7312.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7304.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7348.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7392.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7524.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7628.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7636.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7648.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7676.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7684.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7756.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7776.
2025-03-14 16:26:44,312 [lib.api.process] INFO: Successfully terminated process with pid 7716.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7768.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7916.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7940.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7888.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7948.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7928.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7968.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7960.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 8188.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 4716.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 2880.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 5180.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 2452.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7376.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 2780.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7276.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7292.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7564.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 8032.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 7500.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 8184.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 8148.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 2012.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 1936.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 572.
2025-03-14 16:26:44,328 [lib.api.process] INFO: Successfully terminated process with pid 8200.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8236.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8244.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8300.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8308.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8292.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8316.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8332.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8488.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8628.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8672.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8680.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8736.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8720.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8728.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8744.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8752.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8776.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8760.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8768.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8784.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8936.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8976.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8984.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9000.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9100.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9160.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9152.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9200.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 9212.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8288.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8356.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8352.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8376.
2025-03-14 16:26:44,342 [lib.api.process] INFO: Successfully terminated process with pid 8384.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8400.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8404.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8500.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8548.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8648.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8640.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8860.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8884.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8892.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8880.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 1400.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9168.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8972.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8996.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9236.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9252.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9268.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 3040.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9244.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9260.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9228.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9464.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9484.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9504.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9496.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9612.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9620.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9680.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9880.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 10068.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9092.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8448.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 1408.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9436.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9452.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9892.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9716.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 10028.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9756.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9728.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 8416.
2025-03-14 16:26:44,358 [lib.api.process] INFO: Successfully terminated process with pid 9808.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 8220.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 10144.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 8280.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 10084.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 2388.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 2428.
2025-03-14 16:26:44,375 [lib.api.process] INFO: Successfully terminated process with pid 1628.
2025-03-14 16:26:44,390 [lib.api.process] INFO: Successfully terminated process with pid 2944.
2025-03-14 16:26:44,390 [lib.api.process] INFO: Successfully terminated process with pid 2472.
2025-03-14 16:26:44,390 [lib.api.process] INFO: Successfully terminated process with pid 9912.
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44930.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43978.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11211.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54461.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49548.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30398.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17275.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42384.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-9636.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22385.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11179.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21012.exe
2025-03-14 16:26:44,687 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5368.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37383.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4097.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42640.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11476.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54865.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43402.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28114.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50631.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5872.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13116.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6039.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36858.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18415.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21659.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23465.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59857.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8839.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47605.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44414.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54647.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36807.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61570.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50928.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65358.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38040.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3064.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32645.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59584.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-65012.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-34886.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4528.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59717.exe
2025-03-14 16:26:44,703 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54402.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40588.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51325.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47200.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13044.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13508.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14865.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50060.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40190.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36996.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58161.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63994.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50997.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18223.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3832.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25795.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12472.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22442.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38638.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38576.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35576.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46668.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30884.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35067.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22576.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21627.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63577.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48325.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59436.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6996.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51378.exe
2025-03-14 16:26:44,717 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42463.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61397.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54952.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51512.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8732.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14568.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2659.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18876.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-58426.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25175.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29416.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39771.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6625.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48337.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61662.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5539.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44864.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63464.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42392.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53319.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61537.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31396.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50818.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49837.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64221.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60641.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35706.exe
2025-03-14 16:26:44,733 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20425.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50626.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23124.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37156.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63504.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62504.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27348.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36786.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55700.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8548.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64085.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19608.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5015.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30803.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55498.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56904.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7081.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8108.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18532.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60905.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20315.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45248.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12213.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2348.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55106.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47984.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44011.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48476.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62197.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12140.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-12224.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63241.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19836.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33484.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53713.exe
2025-03-14 16:26:44,750 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38566.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56319.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15753.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27995.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53002.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39073.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7511.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11393.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46684.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-63013.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37868.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42192.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23609.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28576.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35982.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61658.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32440.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64534.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6121.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43012.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29032.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49178.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47889.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56557.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-33343.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56332.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-56201.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64818.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-13919.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52549.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28768.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45353.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62198.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7885.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-5145.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-31160.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54878.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36000.exe
2025-03-14 16:26:44,765 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55532.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3935.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-17310.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27672.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38876.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19051.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20405.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-61445.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55300.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-204.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-37547.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-35598.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57313.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3864.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57376.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2847.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39164.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-60402.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45296.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4711.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29572.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-46244.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-27924.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6544.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22172.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36785.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23131.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-11772.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14459.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55442.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-18056.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-51448.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45270.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53692.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26124.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59200.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14760.exe
2025-03-14 16:26:44,780 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-25524.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57148.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53262.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64325.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-29585.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32413.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39277.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6173.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53644.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6893.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-7887.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32982.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-40348.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62500.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15168.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-4092.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-64222.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42660.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-52702.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6592.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-48652.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26448.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44896.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-39806.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-8965.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-45649.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62878.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36666.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-57413.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42664.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23956.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15576.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54348.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14660.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-6359.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59313.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-1491.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55041.exe
2025-03-14 16:26:44,796 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-30771.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-55097.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16800.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-15223.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36878.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14704.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23115.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-21898.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53532.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-32406.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-42752.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-54089.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22770.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-22883.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-49281.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-3660.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-23661.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-38376.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-47364.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24581.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-36196.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-28724.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-59105.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-62686.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-53077.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20377.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14799.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-50242.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14319.exe
2025-03-14 16:26:44,812 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20450.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-20526.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19999.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-44340.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-43884.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2907.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-14067.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-2519.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-19235.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-24207.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-16547.exe
2025-03-14 16:26:44,828 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\local\temp\unicorn-26308.exe
2025-03-14 16:26:44,828 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-03-17 11:24:25,226 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:26,260 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:27,439 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:28,475 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:29,495 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:30,536 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:31,561 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:32,588 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:33,615 [cuckoo.core.scheduler] DEBUG: Task #6117154: no machine available yet
2025-03-17 11:24:34,698 [cuckoo.core.scheduler] INFO: Task #6117154: acquired machine win7x6411 (label=win7x6411)
2025-03-17 11:24:34,705 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.211 for task #6117154
2025-03-17 11:24:35,171 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 1974800 (interface=vboxnet0, host=192.168.168.211)
2025-03-17 11:24:35,689 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6411
2025-03-17 11:24:36,390 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6411 to vmcloak
2025-03-17 11:26:33,944 [cuckoo.core.guest] INFO: Starting analysis #6117154 on guest (id=win7x6411, ip=192.168.168.211)
2025-03-17 11:26:34,954 [cuckoo.core.guest] DEBUG: win7x6411: not ready yet
2025-03-17 11:26:39,996 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6411, ip=192.168.168.211)
2025-03-17 11:26:40,129 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6411, ip=192.168.168.211, monitor=latest, size=6660546)
2025-03-17 11:26:42,110 [cuckoo.core.resultserver] DEBUG: Task #6117154: live log analysis.log initialized.
2025-03-17 11:26:43,627 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:44,197 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:44,979 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0001.jpg'
2025-03-17 11:26:45,014 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 133458
2025-03-17 11:26:47,562 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:51,110 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:51,112 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:54,599 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:54,609 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:54,735 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:54,785 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:57,162 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:26:58,103 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,581 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,597 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,883 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,891 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,894 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,895 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:26:58,919 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:01,709 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:01,736 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:02,659 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:02,705 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:02,722 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:02,752 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,110 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,410 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,416 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,620 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,655 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,664 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,693 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:03,713 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:04,198 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:04,341 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:05,517 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:05,672 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:05,723 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:05,765 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:07,866 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:07,895 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:07,898 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:08,000 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:08,508 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:09,210 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:09,293 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0002.jpg'
2025-03-17 11:27:09,305 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 63901
2025-03-17 11:27:09,533 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:09,596 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:09,618 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:09,643 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:10,186 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:10,214 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:10,447 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:10,470 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:11,067 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:11,315 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:11,585 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:12,543 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:27:12,649 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:12,909 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:13,734 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:14,619 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:15,187 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:15,560 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:15,992 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:16,407 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:16,594 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:16,894 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:16,899 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0003.jpg'
2025-03-17 11:27:16,912 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 83216
2025-03-17 11:27:17,239 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:17,432 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:18,040 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0004.jpg'
2025-03-17 11:27:18,071 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 122697
2025-03-17 11:27:18,865 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:19,193 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0005.jpg'
2025-03-17 11:27:19,227 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 123130
2025-03-17 11:27:19,434 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:19,528 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:20,319 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0006.jpg'
2025-03-17 11:27:20,348 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 123719
2025-03-17 11:27:20,795 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:20,957 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:21,243 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:21,496 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0007.jpg'
2025-03-17 11:27:21,521 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 85384
2025-03-17 11:27:22,060 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,145 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,192 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,236 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,258 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,275 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,412 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:22,678 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0008.jpg'
2025-03-17 11:27:22,695 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 85315
2025-03-17 11:27:22,797 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,055 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,513 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,668 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,799 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,907 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,930 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:23,968 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,016 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,292 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,340 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,397 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,490 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,527 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:24,882 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0009.jpg'
2025-03-17 11:27:24,909 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 83123
2025-03-17 11:27:24,957 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:25,270 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:25,315 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:25,487 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:26,223 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:26,896 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:26,899 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:26,900 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:27,859 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:27:32,022 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:32,312 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:32,315 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0010.jpg'
2025-03-17 11:27:32,340 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 137241
2025-03-17 11:27:32,401 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:32,419 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:32,466 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:32,494 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:33,112 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:33,577 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:33,586 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:34,779 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:35,524 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,133 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,175 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,238 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,262 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,331 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,439 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:40,980 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,003 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0011.jpg'
2025-03-17 11:27:41,018 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 81724
2025-03-17 11:27:41,045 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,057 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,069 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,078 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,086 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,091 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,103 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,106 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,111 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,146 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,167 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,173 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,179 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,356 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:41,368 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:42,166 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:42,485 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:42,512 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:42,553 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,059 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,082 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:27:43,081 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,090 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,402 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,533 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,543 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,594 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:43,613 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:45,814 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:45,826 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,161 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,185 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,199 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,219 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,434 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,741 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:46,970 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:47,130 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:47,352 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:47,492 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,017 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,043 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,141 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,298 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,528 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,539 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:48,655 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:49,116 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:49,688 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:49,802 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:50,088 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:50,127 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:50,150 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:50,163 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:50,186 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:27:58,383 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:28:01,572 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,258 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,438 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,440 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,461 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0012.jpg'
2025-03-17 11:28:02,487 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,507 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,510 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,562 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:02,645 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 138646
2025-03-17 11:28:03,157 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,199 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,220 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,230 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,237 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,250 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,462 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,469 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,473 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,478 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,484 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,847 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,894 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,898 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,903 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,932 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:03,936 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,192 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,347 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,359 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,379 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,395 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,413 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,434 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,819 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,826 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,837 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,840 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,852 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,864 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,871 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,908 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,929 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:04,937 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,132 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,320 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,337 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,342 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,352 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,361 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,393 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,399 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,575 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:05,577 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:06,168 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:06,411 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,209 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:28:14,242 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,257 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,314 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,319 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,332 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,350 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,703 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:14,720 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:18,046 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0013.jpg'
2025-03-17 11:28:18,061 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 83126
2025-03-17 11:28:18,113 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,060 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,170 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,739 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,740 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,748 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,749 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,751 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,752 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,773 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,774 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:25,777 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,297 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,320 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,328 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0014.jpg'
2025-03-17 11:28:26,346 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 86478
2025-03-17 11:28:26,901 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,959 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,976 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:26,985 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,014 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,018 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,029 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,083 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,091 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,173 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,203 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,231 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,253 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,267 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,284 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,299 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,552 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,554 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,555 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,566 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,569 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,657 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,659 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,672 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0015.jpg'
2025-03-17 11:28:27,691 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,711 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 138785
2025-03-17 11:28:27,768 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,827 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,843 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,872 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,974 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:27,994 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,095 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,114 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,130 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,147 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,163 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,179 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,195 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,215 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,229 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,562 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,640 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,677 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:28,827 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,021 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,256 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,461 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,487 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,496 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,506 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,514 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,530 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:29,963 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:28:30,079 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:30,089 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:44,926 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0016.jpg'
2025-03-17 11:28:44,937 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 83280
2025-03-17 11:28:45,235 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:28:45,750 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:48,490 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0017.jpg'
2025-03-17 11:28:48,504 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 86478
2025-03-17 11:28:48,580 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:48,597 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:48,771 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,009 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,012 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,013 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,022 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,211 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,215 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:49,216 [cuckoo.core.resultserver] DEBUG: Task #6117154 is sending a BSON stream
2025-03-17 11:28:50,645 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0018.jpg'
2025-03-17 11:28:50,657 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 138785
2025-03-17 11:28:58,739 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0019.jpg'
2025-03-17 11:28:58,769 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 82980
2025-03-17 11:29:00,399 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:29:00,876 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0020.jpg'
2025-03-17 11:29:00,892 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 85354
2025-03-17 11:29:01,980 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0021.jpg'
2025-03-17 11:29:01,986 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 86291
2025-03-17 11:29:03,074 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0022.jpg'
2025-03-17 11:29:03,086 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 86944
2025-03-17 11:29:04,164 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0023.jpg'
2025-03-17 11:29:04,175 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 86947
2025-03-17 11:29:15,498 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:29:30,793 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:29:45,965 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:29:53,053 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0024.jpg'
2025-03-17 11:29:53,077 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 82665
2025-03-17 11:29:54,195 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'shots/0025.jpg'
2025-03-17 11:29:54,205 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 82221
2025-03-17 11:30:01,553 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:30:16,895 [cuckoo.core.guest] DEBUG: win7x6411: analysis #6117154 still processing
2025-03-17 11:30:32,177 [cuckoo.core.guest] INFO: win7x6411: end of analysis reached!
2025-03-17 11:30:32,209 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-03-17 11:30:32,240 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-03-17 11:30:33,490 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6411 to path /srv/cuckoo/cwd/storage/analyses/6117154/memory.dmp
2025-03-17 11:30:33,498 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6411
2025-03-17 11:30:52,686 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'curtain/1741965992.41.curtain.log'
2025-03-17 11:30:52,690 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 36
2025-03-17 11:31:03,800 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'sysmon/1741966003.52.sysmon.xml'
2025-03-17 11:31:04,317 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 18799216
2025-03-17 11:31:04,549 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/d476ed9a784d67ba_unicorn-4755.exe'
2025-03-17 11:31:04,566 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/076e4bab83ea7708_unicorn-41704.exe'
2025-03-17 11:31:04,573 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/ebf5d6a59daa447f_unicorn-19472.exe'
2025-03-17 11:31:04,581 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/26ede5b3fe39b987_unicorn-35846.exe'
2025-03-17 11:31:04,591 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/cc3b3a122cec9f3e_unicorn-51809.exe'
2025-03-17 11:31:04,620 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/9fdbf44f98101606_unicorn-62737.exe'
2025-03-17 11:31:04,626 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/0df7eecaece2e7fd_unicorn-30407.exe'
2025-03-17 11:31:04,642 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/397051e65347ba56_unicorn-48640.exe'
2025-03-17 11:31:04,656 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479261
2025-03-17 11:31:04,663 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:04,679 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:04,683 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/108b083909faa352_unicorn-32948.exe'
2025-03-17 11:31:04,689 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/553f3d954b036935_unicorn-65394.exe'
2025-03-17 11:31:04,704 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/7aca38290773eea1_unicorn-45701.exe'
2025-03-17 11:31:04,712 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/f9ae3ae82c7f3a16_unicorn-6095.exe'
2025-03-17 11:31:04,728 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/7cbcaf2669fb43f1_unicorn-2561.exe'
2025-03-17 11:31:04,738 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/79485f80006a6ab1_unicorn-8920.exe'
2025-03-17 11:31:04,742 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/5f4e55096b06b212_unicorn-50138.exe'
2025-03-17 11:31:04,772 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:04,798 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479261
2025-03-17 11:31:04,807 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:04,818 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:04,916 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/b4bb05c3b1c43636_unicorn-31182.exe'
2025-03-17 11:31:04,933 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/2da93529c9bd397d_unicorn-3559.exe'
2025-03-17 11:31:04,959 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/3a39b25447149dc2_unicorn-16416.exe'
2025-03-17 11:31:04,969 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/ebc1090677ab0eac_unicorn-8304.exe'
2025-03-17 11:31:04,974 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/020bb62a067e0deb_unicorn-7641.exe'
2025-03-17 11:31:04,978 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/19dbf8ac9a595813_unicorn-20184.exe'
2025-03-17 11:31:04,985 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/e570ab3b9cbc3541_unicorn-65176.exe'
2025-03-17 11:31:04,987 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/d4520235d91367fb_unicorn-15600.exe'
2025-03-17 11:31:04,993 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/87ae5df6855cc86e_unicorn-55876.exe'
2025-03-17 11:31:04,998 [cuckoo.core.resultserver] DEBUG: Task #6117154: File upload for 'files/12757c0dc75c2f9c_unicorn-8895.exe'
2025-03-17 11:31:05,887 [cuckoo.core.resultserver] DEBUG: Task #6117154 had connection reset for <Context for LOG>
2025-03-17 11:31:05,923 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479258
2025-03-17 11:31:05,938 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:05,944 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:05,954 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479263
2025-03-17 11:31:05,963 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479262
2025-03-17 11:31:07,638 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:07,641 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:07,645 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479261
2025-03-17 11:31:07,650 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479261
2025-03-17 11:31:07,657 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479259
2025-03-17 11:31:07,660 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:07,663 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:07,667 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479262
2025-03-17 11:31:07,670 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479262
2025-03-17 11:31:07,674 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479257
2025-03-17 11:31:07,678 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:07,794 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:31:07,799 [cuckoo.core.resultserver] DEBUG: Task #6117154 uploaded file length: 479260
2025-03-17 11:32:11,257 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.211 for task #6117154
2025-03-17 11:32:12,434 [cuckoo.core.scheduler] DEBUG: Released database task #6117154
2025-03-17 11:32:12,637 [cuckoo.core.scheduler] INFO: Task #6117154: analysis procedure completed

Signatures

Yara rule detected for file (1 event)

description

(no description)

rule

SEH__vba

One or more processes crashed (50 out of 1324 events)

Time & API	Arguments	Status
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7012725 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7012725 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7040501 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7012725 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7040501 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7012725 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7040501 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7012725 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7040501 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 2004170922	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 5731a11a22d2eb20_unicorn-53556+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: 5731a11a22d2eb20_unicorn-53556+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: 5731a11a22d2eb20_unicorn-53556.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:24 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5640128 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5640128 registers.esi: 5640128 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-32413+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 4 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 4	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-32413+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-32413+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 7 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 7	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-32413+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:22 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-32413+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 9 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 9	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 18 10 40 00 c7 45 f0 00 00 00 00 9b 68 7e b0 42 exception.symbol: unicorn-32413+0x2b01e exception.instruction: sbb byte ptr [eax], dl exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 176158 exception.address: 0x42b01e registers.esp: 1636952 registers.edi: 1637135 registers.eax: 4095 registers.ebp: 1637168 registers.edx: 20 registers.ebx: 4370453 registers.esi: 4198912 registers.ecx: 0	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 unicorn-32413+0x297eb @ 0x4297eb IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 DllCanUnloadNow+0x1c1d9 DllRegisterServer-0xa1b8 msvbvm60+0xbbe8b @ 0x729fbe8b IID_IVbaHost+0x2e809 UserDllMain-0x36aae msvbvm60+0x5ce49 @ 0x7299ce49 IID_IVbaHost+0x3133d UserDllMain-0x33f7a msvbvm60+0x5f97d @ 0x7299f97d gapfnScSendMessage+0x332 GetAppCompatFlags2-0x8ea user32+0x162fa @ 0x758c62fa GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x758c6d3a CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758c77c4 DispatchMessageA+0xf GetMessageA-0x9 user32+0x17bca @ 0x758c7bca __vbaStrToAnsi+0x2f1 EbGetObjConnectionCounts-0x479 msvbvm60+0xa6c8 @ 0x7294a6c8 __vbaStrToAnsi+0x268 EbGetObjConnectionCounts-0x502 msvbvm60+0xa63f @ 0x7294a63f __vbaStrToAnsi+0x146 EbGetObjConnectionCounts-0x624 msvbvm60+0xa51d @ 0x7294a51d exception.instruction_r: 00 00 75 fb 68 f8 c2 42 00 68 e4 9a 42 00 ff 15 exception.symbol: unicorn-32413+0x2ae48 exception.instruction: add byte ptr [eax], al exception.module: Unicorn-32413.exe exception.exception_code: 0xc0000005 exception.offset: 175688 exception.address: 0x42ae48 registers.esp: 1636952 registers.edi: 1637180 registers.eax: 0 registers.ebp: 1637168 registers.edx: 11 registers.ebx: 1 registers.esi: 1637388 registers.ecx: 11	1
__exception__ March 14, 2025, 5:23 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xc41f exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 50207 exception.address: 0x75e9c41f registers.esp: 1634992 registers.edi: 5971592 registers.eax: 1634992 registers.ebp: 1635072 registers.edx: 0 registers.ebx: 5971592 registers.esi: 5971592 registers.ecx: 2	1

Foreign language identified in PE resource (1 event)

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x000747c4

size

0x00000234

Creates executable files on the filesystem (50 out of 318 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-42640.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-11476.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-62198.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-43402.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-65012.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-31160.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-54878.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-55442.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-18415.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-62686.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-5.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-20405.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-61445.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-17310.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-56319.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-44930.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-36807.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-23956.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-25524.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-61570.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-26124.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-50928.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-60402.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-22385.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-38040.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-6544.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-6359.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-46244.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-6893.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-7081.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-13116.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-22172.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-59717.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-53262.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-54402.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-8304.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-51448.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-47200.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-13044.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-13508.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-27924.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-59200.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-53692.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-21898.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-25795.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-54089.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-20315.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-53644.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-37547.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-51378.exe

Drops an executable to the user AppData folder (2 events)

file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-4755.exe
file	C:\Users\Administrator\AppData\Local\Temp\Unicorn-41704.exe

Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory March 14, 2025, 5:22 p.m.	process_identifier: 1944 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 24576 protection: 32 (PAGE_EXECUTE_READ) base_address: 0x003b0000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x0002b000', u'virtual_address': u'0x00001000', u'entropy': 7.571347530555303, u'name': u'.text', u'virtual_size': u'0x0002a5c4'}

entropy

7.57134753056

description

A section with a high entropy has been found

entropy

0.370689655172

description

Overall entropy of this PE file is high

File has been identified by 13 AntiVirus engine on IRMA as malicious (13 events)

G Data Antivirus (Windows)	Virus: Generic.Dacic.94CCEEA9.A.EFB87E45 (Engine A), Win32.Trojan.PSE.1FY1FUT (Engine B)
Avast Core Security (Linux)	Win32:Evo-gen [Trj]
C4S ClamAV (Linux)	Win.Trojan.Barys-10005825-0
F-Secure Antivirus (Linux)	Trojan.TR/Crypt.XPACK.Gen [Aquarius]
Sophos Anti-Virus (Linux)	Troj/VB-KCP
eScan Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.EFB87E45(DB)
ESET Security (Windows)	Win32/VBClone.K trojan
DrWeb Antivirus (Linux)	Trojan.MulDrop20.3145
WithSecure (Linux)	Trojan.TR/Crypt.XPACK.Gen
ClamAV (Linux)	Win.Trojan.Barys-10005825-0
Bitdefender Antivirus (Linux)	Generic.Dacic.94CCEEA9.A.EFB87E45
Kaspersky Standard (Windows)	Trojan.Win32.VB.dosq
Emsisoft Commandline Scanner (Windows)	Generic.Dacic.94CCEEA9.A.EFB87E45 (B)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action	VT	Location
No hosts contacted.

Browser recommendation

File 5731a11a22d2eb20_unicorn-53556.exe

Summary Download Resubmit sample Download yara

Score

Autosubmit

Feedback

Information on Execution

Analyzer Log

Cuckoo Log

Signatures

Feedback

Summary
Download Resubmit sample Download yara